[X-Unix] Security content of the Mac OS X 10.3.9 Update
Albert Lunde
atlunde at panix.com
Mon Apr 18 08:06:01 PDT 2005
> >I'm not sure I understand this right. Is 10.3.9 disabling the SUID/SGID
> >functionality?
>
> The statement is misleading. While Apple does not distribute SUID/SGID
> "scripts" it does distribute SUID "programs" -- the most well known
> being
> sudo.
The reason for concern about setuid _scripts_ is that, under many
versions of Unix, there is a race condition that makes setuid
scripts insecure. (I think what it amounts to is that one
can't be sure the script interpreter is running the same script as
was there when the setuid bit was evaluated.)
The classic workaround has been to write a setuid wrapper
program, say in C, and have that run a non-setuid script.
Some OS or script interpreter versions have tried to avoid the race
condition, but it's easier to turn off the dangerous case than "fix" it.)
(This was first an issue with shell scripts but it also can apply
to things like perl.)
More information about the X-Unix
mailing list