15 Jan
2025
15 Jan
'25
2:51 p.m.
On 1/8/25 3:58 PM, Warren Toomey via TUHS wrote:
On 9/1/25 03:15, Douglas McIlroy wrote:
It's a great paper. I think the most interesting aspect is that the set
of loopholes Reeds concentrates on for the majority of the paper (Class 2)
aren't holes in the shell, per se. Except for the already-mentioned
behaviors of inheriting IFS from the environment and using it to split
all words, all of the weaknesses Reeds described are sloppy, but common,
programming practices in setuid programs. His conclusions are still
relevant.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet(a)case.edu http://tiswww.cwru.edu/~chet/
I have sent a scan of Jim Reeds's 1984
technical memorandum on Bourne-
shell security risks to Warren Toomey for posting in the TUHS archives.
Doug
It's now available at https://www.tuhs.org/Archive/Documentation/
TechReports/Bell_Labs/ReedsShellHoles.pdf