Re: a tricky question

Re: a tricky question

[Byron Rakitzis]

I just thought of a hole: importing functions from the environment.
e.g.,

foo:
	#!/bin/rc --
	echo hi

can be foiled with

; fn echo {/bin/sh}
; foo

or even

	#!/bin/rc --
	exec mount /pcfs

can be foiled with

; fn exec {/bin/sh}
; foo

Then again, Duff mentions "-p" in one of the rc papers, so this one
does not get any credit.

Might it be worth adding "-p" to rc, or would it encourage a false
sense of security? I guess that's what I am driving at.

Re: a tricky question

[Chris Siebenmann]

 I think it's worth adding '-p' to rc (which would not import
functions from the environment) just to make rc shell scripts
more reliable in the face of random users using them. I know
that I've been starting all my scripts with something that
clears out the defined functions, but it's not foolproof;
'-p' would be better and more convenient. Never allowing
'fn' and 'builtin' to be redefined as functions would
probably also suffice, but I'd prefer '-p'.

	- cks

a tricky question

[Byron Rakitzis]

Can anyone with experience in the matter comment on whether rc
would behave well if the setuid bit is turned on? i.e., are there
holes in rc that need to be fixed? The only sh holes I know about
are the famous ones. The $ifs hole does not really apply, and the
option hole can be repaired with

	#!/bin/rc --

at the start of the script.

Note that I am not advocating running rc with the setuid bit turned
on, I was just wondering about it this morning.