From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20310 invoked by alias); 27 Sep 2016 19:31:32 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 39467 Received: (qmail 22133 invoked from network); 27 Sep 2016 19:31:32 -0000 X-Qmail-Scanner-Diagnostics: from mail-pa0-f51.google.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1. Clear:RC:0(209.85.220.51):SA:0(0.0/5.0):. Processed in 0.118147 secs); 27 Sep 2016 19:31:32 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.1 X-Envelope-From: schaefer@brasslantern.com X-Qmail-Scanner-Mime-Attachments: | X-Qmail-Scanner-Zip-Files: | Received-SPF: none (ns1.primenet.com.au: domain at brasslantern.com does not designate permitted sender hosts) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brasslantern-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:date:in-reply-to:comments:references:to:subject :mime-version; bh=ObPu/WNFvYt21eD7tnPJp/cA1mwiwmjTlfYMkGHhBPE=; b=WEuqp6BbbGOqTcFuzR2NR8yrvVDcZ11CL0KMtow0T4K2Ox5lEgp2hMI4huNec9WYMv SAOWjYbvyp3L1gScf31Jnh3w9dgJmkNXIXbUuBPp9gd5B+ltqeejUVXZe6G5xo9QzC6O NV7ZyxbVG6pUQnJXUX0QXT2R/+lES+AEoOraqD9Uu4czykERy1/YU/Ij3B3ZbKOGwYCY rVJnxOwG1/s42khzVEDp5FsbeS69tRT3jjt4efoTf8uNK1BvbU5KeSajjnKVWv8kyqgF 3i88r7jSl1ZOPliPCmJl+DZd+OjODG6rCkpYsKHGQUpk8+5oFwpKVyI7fuEaa0lgXGIi 7h5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:message-id:date:in-reply-to:comments :references:to:subject:mime-version; bh=ObPu/WNFvYt21eD7tnPJp/cA1mwiwmjTlfYMkGHhBPE=; b=MlBkDEVEoLcI03Oxs8SodtY6Yrcypkk7enBv/Q3t7gAC4V0cQ+6eB+6BTAtf0MtDpe 2ijoBdhDSXJ5WElKmqxh0VXFHqzKT7HnPs/AT52y4H+yn8F3GuRgn7fHo0WgJoPwY0Zm sTP/qz1yGmAT7qN5vh0K5pm5K1PXCtLfZp+l4mNx7ek1XQAkbZN55e+URBWuNVzlFWa7 7Yp9TN8EvwpvZ/3p1OjVzoj+ptxZ7u1ZNlvZhZl6DL0hlRBDQu8B1jWS/LYyhToYDFdj fQYomBwkM/ESIbHgbnNljIyK1zAvAWlEePVtZ6xPbUTejsSFVfigCZyghNqL+64SIRK4 iOpw== X-Gm-Message-State: AE9vXwNqZ4tuAlVT/5pwjQ7HSTShwjFcZCkHTLbXgOCrUYqELpbSoCH1izs08gihs+pK6g== X-Received: by 10.66.150.202 with SMTP id uk10mr49783599pab.10.1475004366331; Tue, 27 Sep 2016 12:26:06 -0700 (PDT) From: Bart Schaefer Message-Id: <160927122619.ZM13412@torch.brasslantern.com> Date: Tue, 27 Sep 2016 12:26:19 -0700 In-Reply-To: <20160927100221.7d4f744f@pwslap01u.europe.root.pri> Comments: In reply to Peter Stephenson "Re: BUG: crafting SHELLOPTS and PS4 allows to run arbitrary programs in setuid binaries using system" (Sep 27, 10:02am) References: <20160927075347.GA500@fujitsu.shahaf.local2> <20160927100221.7d4f744f@pwslap01u.europe.root.pri> X-Mailer: OpenZMail Classic (0.9.2 24April2005) To: zsh-workers@zsh.org Subject: Re: BUG: crafting SHELLOPTS and PS4 allows to run arbitrary programs in setuid binaries using system MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii On Sep 27, 10:02am, Peter Stephenson wrote: } Subject: Re: BUG: crafting SHELLOPTS and PS4 allows to run arbitrary progr } } I've attempted to tidy up the logic to the point where I think I } understand it. Does the test "(!getuid() || !geteuid())" make sense or } should that be something else? I don't know of anything else more appropriate.