I have two programs that (for all practical purposes) should be identical.
root@dirac:/tmp/ cat pids.c
#include
Why do not pids.sh also report euid=0? Does this mean setuid/setgid on bash scripts are useless and misleading?
Basically, yes. A better way of looking at it is that setuid scripts are a security nightmare - the shell is so easy to corrupt that it's very hard to make a setuid script safe. For this reason the kernel doesn't allow them. This is a good thing - honest! --
eatapple core dump
participants (2)
-
Derek Fountain
-
Hallingstad Håkon