On Tue, Aug 6, 2019 at 3:49 PM Dave Horsfall <dave(a)horsfall.org> wrote:
On Tue, 6 Aug 2019, jason-tuhs(a)shalott.net wrote:
[ Replacing a temporary set-uid file ]
This was always described to me as the canonical reason why setuid
interpreted scripts were a security hole, irrespective of any specifics
in the shell or other interpreter.
It's a problem for any temporary files in a world-writable directory,
hence the extensions to directory permissions e.g. /tmp and /var/tmp...
Amusingly enough, the Mac works around this by symlinking /tmp to
private/tmp i.e. you get your own /tmp...
-- Dave
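
An added example, not part of the original thread: a defensive check for the temporary-file replacement problem discussed above, assuming the "extensions to directory permissions" on /tmp and /var/tmp refer to the sticky (restricted-deletion) bit, mode 1777. The function names `replacement_risk`, `create_private_file` and `demo`, and the file names used, are hypothetical.

```python
import os
import stat
import tempfile


def replacement_risk(directory):
    """Return a reason string if other users could swap files here, else None."""
    st = os.stat(directory)
    if not stat.S_ISDIR(st.st_mode):
        return "not a directory"
    shared = st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
    if shared and not st.st_mode & stat.S_ISVTX:
        return "writable by other users and sticky bit not set"
    return None


def create_private_file(directory, name):
    """Create a new file, refusing any name that already exists (symlinks included)."""
    reason = replacement_risk(directory)
    if reason:
        raise PermissionError(f"{directory}: {reason}")
    # O_EXCL fails on any existing entry, even a dangling symlink;
    # O_NOFOLLOW is an extra guard on platforms that provide it.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(os.path.join(directory, name), flags, 0o600)
    st = os.fstat(fd)  # inspect the object actually held, not the path
    if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1 or st.st_uid != os.geteuid():
        os.close(fd)
        raise PermissionError("opened object is not a fresh private file")
    return fd


def demo():
    """Constructed scenario in a scratch directory; returns the observed results."""
    with tempfile.TemporaryDirectory() as base:
        os.chmod(base, 0o777)    # world-writable, no sticky bit
        without_sticky = replacement_risk(base)
        os.chmod(base, 0o1777)   # same mode as /tmp
        with_sticky = replacement_risk(base)
        # Constructed sample: the wanted name already exists as a symlink.
        os.symlink("/nonexistent-target", os.path.join(base, "job.tmp"))
        try:
            os.close(create_private_file(base, "job.tmp"))
            planted_refused = False
        except FileExistsError:
            planted_refused = True
        os.close(create_private_file(base, "fresh.tmp"))
        return without_sticky, with_sticky, planted_refused
```

The sticky bit only stops other users from deleting or renaming an entry; a name that is already present still has to be rejected at open time, which is what `O_EXCL` does here.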