INTRO (7) NetBSD Miscellaneous Information Manual INTRO (7 ...

More documents

Recommendations

Info

SCRIPT (7) NetBSD Miscellaneous Information Manual SCRIPT (7) Most shells (such as sh(1)) and certain other facilities (including execlp(3) and execvp(3) but not other types of exec(3) calls) still pass interpreter scripts that do not include the “#!” (and thus fail to execute with ENOEXEC) to /bin/sh. As this behavior is implemented outside the kernel, there is no mechanism that forces it to be respected by all programs that execute other programs. It is thus not completely reliable. It is therefore important to always include #!/bin/sh in front of Bourne shell scripts, and to treat the traditional behavior as obsolete. EXAMPLES Suppose that an executable binary exists in /bin/interp and that the file /tmp/script contains: #!/bin/interp -arg [...] and that /tmp/script is set mode 755. Executing $ /tmp/script one two three at the shell will result in /bin/interp being executed, receiving the following arguments in argv (numbered from 0): "/bin/interp", "-arg", "/tmp/script", "one", "two", "three" Portability Note: Multiple arguments The behavior of multiple arguments on the “#!” line is highly non-portable between different systems. In general, only one argument can be assumed to work consistently. Consider the following variation on the previous example. Suppose that an executable binary exists in /bin/interp and that the file /tmp/script contains: #!/bin/interp -x -y [...] and that /tmp/script is set mode 755. Executing $ /tmp/script one two three at the shell will result in /bin/interp being executed, receiving the following arguments in argv (numbered from 0): "/bin/interp", "-x -y", "/tmp/script", "one", "two", "three" Note that "-x -y" will be passed on NetBSD as a single argument. Although most POSIX style operating systems will pass only one argument, the behavior when multiple arguments are included is not consistent between platforms. Some, such as current releases of NetBSD, will concatenate multiple arguments into a single argument (as above), some will truncate them, and at least one will pass them as multiple arguments. The NetBSD behavior is common but not universal. Sun’s Solaris would present the above argument as "-x", dropping the " -y" entirely. Perhaps uniquely, recent versions of Apple’s OS X will actually pass multiple arguments properly, i.e.: NetBSD 3.0 May 6, 2005 2
SCRIPT (7) NetBSD Miscellaneous Information Manual SCRIPT (7) "/bin/interp", "-x", "-y", "/tmp/script", "one", "two", "three" The behavior of the system in the face of multiple arguments is thus not currently standardized, should not be relied on, and may be changed in future releases. In general, pass at most one argument, and do not rely on multiple arguments being concatenated. SEE ALSO awk(1), csh(1), ksh(1), sh(1), chmod(2), execve(2), intro(2), execlp(3), execvp(3), fd(4), options(4), setuid(7) STANDARDS The behavior of interpreter scripts is obliquely referred to, but never actually described in, 1003.1-2004 " (“POSIX.1”). IEEE Std The behavior is partially (but not completely) described in the System V Interface Definition, Fourth Edition (“SVID4”). Although it has never been formally standardized, the behavior described is largely portable across POSIX style systems, with two significant exceptions: the maximum length of the “#!” line, and the behavior if multiple arguments are passed. Please be aware that some operating systems limit the line to 32 or 64 characters, and that (as described above) the behavior in the face of multiple arguments is not consistent across systems. HISTORY The behavior of the kernel when encountering scripts that start in “#!” was not present in Version 7 AT&T UNIX. A Usenet posting to net.unix by Guy Harris on October 16, 1984 claims that the idea for the “#!” behavior was first proposed by Dennis Ritchie but that the first implementation was on BSD. Historical manuals (specifically the exec man page) indicate that the behavior was present in 4BSD at least as early as April, 1981. Information on precisely when it was first implemented, and in which version of UNIX, is solicited. SECURITY CONSIDERATIONS Numerous security problems are associated with setuid interpreter scripts. In addition to the fact that many interpreters (and scripts) are simply not designed to be robust in a setuid context, a race condition exists between the moment that the kernel examines the interpreter script file and the moment that the newly invoked interpreter opens the file itself. Because of these security issues, NetBSD does not allow setuid interpreter scripts by default. In order to turn on setuid interpreter scripts, options SETUIDSCRIPTS must be set in the configuration of the running kernel. Setting this option implies the FDSCRIPTS option, which causes the kernel to open the script file on behalf of the interpreter and pass it in argv as /dev/fd/[fdnum]. (See fd(4) for an explanation of the /dev/fd/[fdnum] devices.) This design avoids the race condition, at the cost of denying the interpreter the actual name of the script file. See options(4) for more information. However, the FDSCRIPTS mechanism is not a cure-all for security issues in setuid interpreters and scripts. Subtle techniques can be used to subvert even seemingly well written scripts. Scripts executed by Bourne type shells can be subverted in numerous ways, such as by setting the IFS variable before executing the script. Other interpreters possess their own vulnerabilities. Turning on SETUIDSCRIPTS is therefore very dangerous, and should not be done lightly if at all. NetBSD 3.0 May 6, 2005 3
Page 1 and 2:
INTRO(7) NetBSD Miscellaneous Infor
Page 3 and 4:
ASCII (7) NetBSD Miscellaneous Info
Page 5 and 6:
DES_MODES(7) OpenSSL DES_MODES(7) a
Page 7 and 8:
des_modes(7) libdes des_modes(7)
Page 9 and 10:
ENVIRON (7) NetBSD Miscellaneous In
Page 11 and 12:
HIER (7) NetBSD Miscellaneous Infor
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
MAILADDR (7) NetBSD Miscellaneous I
Page 23 and 24:
MDOC (7) NetBSD Miscellaneous Infor
Page 25 and 26:
MDOC (7) NetBSD Miscellaneous Infor
Page 27 and 28: MDOC (7) NetBSD Miscellaneous Infor
Page 29 and 30: MDOC.SAMPLES (7) NetBSD Miscellaneo
Page 55 and 56: ME(7) ME(7) .EN - yes Space after e
Page 57 and 58: NLS (7) NetBSD Miscellaneous Inform
Page 63 and 64: PKGSRC (7) NetBSD Miscellaneous Inf
Page 65 and 66: RE_FORMAT(7) RE_FORMAT(7) NAME re_f
Page 67 and 68: RE_FORMAT(7) RE_FORMAT(7) The curre
Page 69 and 70: RE_FORMAT(7) RE_FORMAT(7) example,
Page 71 and 72: RELEASE (7) NetBSD Miscellaneous In
Page 77: SCRIPT (7) NetBSD Miscellaneous Inf
Page 81 and 82: SETUID (7) NetBSD Miscellaneous Inf
Page 83 and 84: SIGNAL (7) NetBSD Miscellaneous Inf
Page 85 and 86: STICKY (7) NetBSD Miscellaneous Inf
Page 87 and 88: SYMLINK (7) NetBSD Miscellaneous In
Page 89 and 90: SYMLINK (7) NetBSD Miscellaneous In
Page 91 and 92: SYSCTL (7) NetBSD Miscellaneous Inf
Page 121: SYSCTL (7) NetBSD Miscellaneous Inf
show all

INTRO (7) NetBSD Miscellaneous Information Manual INTRO (7 ...

Create successful ePaper yourself

Delete template?

Save as template?