]>
Commit | Line | Data |
---|---|---|
1 | 7. Several people have reported that `dip' (a program for SLIP/PPP | |
2 | on Linux) does not work with bash-2.0 installed as /bin/sh. | |
3 | ||
4 | I don't run any Linux boxes myself, and do not have the dip | |
5 | code handy to look at, but the `problem' with bash-2.0, as | |
6 | it has been related to me, is that bash requires the `-p' | |
7 | option to be supplied at invocation if it is to run setuid | |
8 | or setgid. | |
9 | ||
10 | This means, among other things, that setuid or setgid programs | |
11 | which call system(3) (a horrendously bad practice in any case) | |
12 | relinquish their setuid/setgid status in the child that's forked | |
13 | to execute /bin/sh. | |
14 | ||
15 | The following is an *unofficial* patch to bash-2.0 that causes it | |
16 | to not require `-p' to run setuid or setgid if invoked as `sh'. | |
17 | It has been reported to work on Linux. It will make your system | |
18 | vulnerable to bogus system(3) calls in setuid executables. | |
19 | ||
20 | --- bash-3.0.orig/shell.c Wed Dec 18 14:16:30 1996 | |
21 | +++ shell.c Fri Mar 7 13:12:03 1997 | |
22 | @@ -461,7 +461,7 @@ | |
23 | initialize_shell_builtins (); | |
24 | } | |
25 | ||
26 | - if (running_setuid && privileged_mode == 0) | |
27 | + if (running_setuid && privileged_mode == 0 && act_like_sh == 0) | |
28 | disable_priv_mode (); | |
29 | ||
30 | /* Need to get the argument to a -c option processed in the |