current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. It's 100% free, no registration required.

Sign up
Here's how it works:
  1. Anybody can ask a question
  2. Anybody can answer
  3. The best answers are voted up and rise to the top
up vote 6 down vote favorite
1

with Bash's source it is possible to execute a script without execution bit set. This is documented and expected behavoir, but isn't this against the use of an execution bit?

I know, that source doesn't create a subshell.

share|improve this question
    
The fact that chmod can let you set permissions (including `x) with an octal number gives some clue to what era it comes from. I wouldn't be surprised if it started as a quick and dirty "this is a binary file you can execute" indicator, from the days before she-bang was invented, but I have no evidence to that – infixed 55 mins ago
    
Then again, when SUID comes into play, different levels of protection for different categories of users become more important. Go ahead and read my SUID program if you want. But if you execute it via simply reading it, the SUID powers are not coming along with it – infixed 50 mins ago
up vote 6 down vote

source or the equivalent but standard dot . do not execute the script, but read the commands from script file, then execute them, line by line, in current shell environment.

There's nothing against the use of execution bit, because the shell only need read permission to read the content of file.

The execution bit is only required when you run the script. Here the shell will fork() new process then using execve() function to create new process image from the script, which is required to be regular, executable file.

share|improve this answer
    
I tested it with echo and it worked, so it might also work with rm -rf ~ with can make hugh damage – Motte001 2 hours ago
    
@Motte001: Yes, it's work with any command, just like you type in terminal for example – cuonglm 2 hours ago
    
This is all correct, but it doesn't answer the question: Why didn't the Bourne cell require execute permission to run a shell script? It could have, but someone was decided not to. – alexis 2 hours ago
1  
@alexis: I'm not sure I really follow. If you do bash < script, you get essentially the same result as source script. What protection does an execute bit check provide? – Conspicuous Compiler 1 hour ago
    
@alexis, it's not an interpreter's job to check permissions of the scripts it interprets. Nothing does this -- not Python, not Ruby, not the Java virtual machine, not other random shells. The execute bit controls whether the OS execv* family of syscalls can be used with an executable, not whether an interpreter will run it. Why confuse people (and break ability to evaluate code streamed from non-file sources) by breaking conventions? – Charles Duffy 24 mins ago
up vote 6 down vote

The execution bit (unlike the rest) on nonsetuid and nonsetguid files isn't much of a security mechanism. Anything you can read, you can run indirectly, and Linux will let you read anything you can run via /proc.

It's more of a convenience thing: Let the system run it for me directly if the the bit is set, otherwise I need to do it indirectly (bash the_script; or cp /proc/$something/exe /tmp/mycopy && chmod +x mycopy).

You can set it for convenience if you intend to both in-source and execute your insourcable.

share|improve this answer
    
Of course I can run everything when I can read it, but the execution bit can prevent "normal" dektop users from infection their PC by clicking on mail attachments (If such users would use Linux). So it is kind of a security feature – Motte001 2 hours ago
2  
@Motte001 They can execute those attachments if they really want to. It's a convenience. – PSkocik 2 hours ago
1  
The executable bit is not for security: If I own a file I am free to chmod it and make it executable. It is for sorting data from programs, so the OP's question is a reasonable one. – alexis 2 hours ago
1  
One reason we need the executable bit is to run setuid programs, particularly those owned by root. While you can certainly execute them on your own, you need the OS to run them so that they will have the necessary permissions. In some other cases it really is just a convenience. – Waleed Khan 48 mins ago
1  
"Linux will let you read anything you can run via /proc" -- Well, my stock Debian kernel doesn't: /tmp$ cp /bin/cat ./cat ; chmod a-rw ./cat ; ./cat & cp /proc/$!/exe /tmp/cat2 -> cp: cannot stat ‘/proc/16260/exe’: Permission denied – ilkkachu 14 mins ago
up vote 0 down vote

Another point of view:

Sourced script basically consists of shell builtins and program calls. Shell builtins (with source among them) are parts of the shell and the shell must be executable in the first place. Every program called (that being ELF, another script with shebang, whatever) has to have execution bit set, otherwise it will not run.

So it is not against the use of an execution bit, because nothing without execution bit will run. The validation doesn't occur for the sourced script as a whole; it is performed for every part separately, but it is.

share|improve this answer
up vote 0 down vote

The distinction is important because you may have a file of shell commands which is not useful as an executable, but only useful when sourced. For this file you can turn off the execute bit and then it will never be accessed unless explicitly in a source command. The reason for such a thing is to have side effects on the shell it is run from. For a specific example, I have a script called fix_path which looks at and modifies the path.

share|improve this answer
up vote 0 down vote

That's a good question! Unix uses the executable bit to distinguish between programs and data. The OS does not require the execution bit, since a sourced script is not passed to the OS for execution as a new process. But the shell treats a sourced script as a program, and will look in $PATH for the file you want to source. So, the shell itself could have required execute permission for sourced files; but it didn't.

The question must have come up long ago. The design of the Bourne shell was the result of "a long sequence of modification, dialog, discussion" among the denizens of Bell Labs, and many design decisions were discussed by S.R. Bourne and others over the years. Unfortunately, my quick look didn't find any discussion of the source feature (in my defense, it's hard to google for it). What I did find is that the "." command does not appear in this early introduction to the shell by Bourne himself, but it is present in the more mature Version 7 version.

Absent authority, here's my own interpretation:

  1. The . command, aka source, is in effect textual inclusion (like #include in the C preprocessor) into the source code of the executing script or interactive session. As such, the included file is arguably not "executed".

  2. The Unix philosophy has always been to give the programmers enough rope to hang themselves. Too much hand-holding and arbitrary restrictions just get in the way. (It is only rather recently that some distributions made rm -r / refuse to do what you ask. Do not try this as root!) So, perhaps Bourne at al. just decided that when you try to source a file, you are assumed to know what you are doing. That also avoids unnecessary work, and cycles mattered a lot back then.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.