Understanding Interpreter Spoofing
From: iam_chunky_pie
Subject: Understanding Interpreter Spoofing
Date: Sat, 04 Dec 2021 04:24:17 +0000
Hello everyone,
Noob here. I'm teaching myself bash and have come to a section regarding
interpreter spoofing. I feel confident (but could be wrong) that I understand the
concept based on what I've learned (I'll spare everyone a review).
However, I'm not able to reproduce the spoof. I've googled "interpreter
spoofing," "setuid root spoofing attacks" but all I get in return is the theory
on what it is and how to avoid it. Has this vulnerability been fixed in bash or
in Linux in general? I believe while trying to find an answer on my own, I saw
something to that effect that suid and sgid are basically not allowed anymore
in Linux and thought maybe something similar applied to how the shell uses that
magic line to run scripts. Below is the sample script I tried to spoof and the
commands I ran to try to reproduce the spoof.
Sample Script:
#!/bin/bash
echo "did you pop a shell!"
Commands:
chmod 4750 script
mv script ~/-i
oldPATH=$PATH
PATH=.
-i
I get the output from the echo command but when I check ps, it still only shows
one bash process. I was just going to give up trying to replicate the spoof, move
on and just settle for understanding the theory but thought this was a good
opportunity to participate in this mailing list and start learning the social
norms of mailing lists in general (and of course learn more bash!) PS - I'll be
less verbose in the future, I have a habit of feeling like I don't explain
myself clearly enough : /
Regards,
Chunky Pie
"I'm chunky and I'm funky" - Action Bronson
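
Added example, not part of the original post: a POSIX sh audit that lists set-user-ID or set-group-ID files that are `#!` scripts, the kind of file the post creates with `chmod 4750`, and marks names starting with `-` such as `-i`. The function names `audit_setid_scripts` and `make_sample` and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example; not code from the mailing list post.
# Context: execve(2) documents that Linux ignores the set-user-ID and
# set-group-ID bits on scripts, so such files are worth finding and cleaning up.

# Print "path<TAB>interpreter<TAB>note" for every set-id "#!" script under $1.
audit_setid_scripts() {
    dir=${1:-.}
    # -perm -4000 / -2000: set-user-ID or set-group-ID bit present (POSIX find).
    # find prefixes each path with $dir, so a name like "-i" is never
    # mistaken for an option by the tools below.
    find "$dir" -type f \( -perm -4000 -o -perm -2000 \) -exec sh -c '
        for f do
            # First two bytes as hex; 23 21 is "#!".
            magic=$(od -An -tx1 -N2 "$f" 2>/dev/null | tr -d " \n")
            [ "$magic" = 2321 ] || continue
            # Interpreter line without the "#!" prefix.
            interp=$(head -n 1 "$f" | sed "s/^#![[:space:]]*//")
            case ${f##*/} in
                -*) note="name-starts-with-dash" ;;
                *)  note="ok-name" ;;
            esac
            printf "%s\t%s\t%s\n" "$f" "$interp" "$note"
        done
    ' sh {} +
}

# Constructed sample tree mirroring the post (script named "-i", mode 4750),
# plus an ordinary script that must not be reported.
make_sample() {
    d=$(mktemp -d) || return 1
    printf '#!/bin/bash\necho "did you pop a shell!"\n' > "$d/-i"
    chmod 4750 "$d/-i"
    printf '#!/bin/sh\necho plain\n' > "$d/plain.sh"
    chmod 0755 "$d/plain.sh"
    printf '%s\n' "$d"
}

# Stand-alone run: audit the constructed tree, then remove it.
sample=$(make_sample) && audit_setid_scripts "$sample" && rm -rf "$sample"
```

Point `audit_setid_scripts` at a real directory to review any hits; clearing the bits with `chmod u-s,g-s` on a reported file is the usual cleanup.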