[kismac] Re: suid off
- From: "Dan Oetting" <dan_oetting@xxxxxxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Fri, 29 Apr 2005 00:00:45 -0600
On Apr 28, 2005, at 1:33 PM, Brad Knowles wrote:
But I'm pretty sure I've been hearing the sentiment (SUID scripts
are dangerous) for as long as I've been playing with Linux (2.0
kernel?)
and BSDs (Freebsd 3.1?)
I've been hearing this since I started mucking about with shell
scripts, over twenty years ago -- BSD 2.9.something running on a PDP
11/70.
SUID scripts were a side effect of of the #! hack that allows all
scripts to be invoked by the exec() system call. The first mention of
the idea was around 1981 and first implementation appears to be 4.1BSD
and later incorporated in 2.8BSD. By December 1981 there is already
talk about the dangers of SUID scripts.
Other related posts: