
It's dicey to obtain key material from external hardware because...?



Shell scripts have issues with race conditions (which is why they aren't setuid) and just generally create a lot of points of exposure.


What?

Racy code has issues with race conditions. Any error in setuid executables can be very dangerous, so they are strongly discouraged. However, once you've decided that you have to write a setuid program, there's no particular reason to not write it in a scripting language.

As a datapoint, the KDE folks think that using scripting languages for setuid executables is okay:

/usr/lib/kde4/libexec/fileshareset: setuid Perl script, ASCII text executable


Perl goes to great lengths to be secure in the face of setuid.

This isn't even remotely controversial. There is a reason that the setuid bit is ignored for unix shell scripts.



