Hi, Thorsten Glaser: > On Fri, 26 Sep 2014, Matthias Urlichs wrote: > > > In any case, adding "-p" to any #!/bin/bash shebang line looks like a very > > good idea. Shall we add a Lintian check for this? > > ***ABSOLUTELY NOT*** > > The -p option is for the shell to *not* drop privileges when > called setuid.
Yes, it does that. It _also_ does all the other sanity-preserving things a shell started in an insecure environment should do. IMHO, code which calls a shell script with euid != ruid is buggy anyway, because it _cannot_ depend on the shell to pro-actively fix that omission. Any other program which happens to not be a #!/bin/bash shell script, started the same way, will not reset its euid either. I don't expect any other shell to care; the dash(1) manpage implies that it does not, for instance. Therefore I do not think that adding this flag would create any new security problems. Feel free to find a real-world counterexample. -- -- Matthias Urlichs -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140930095719.ge7...@smurf.noris.de