setuid?

Keith Gabryelski ag at cbmvax.commodore.com
Tue May 8 05:39:55 AEST 1990


In article <3830 at castle.ed.ac.uk> egnu02 at castle.ed.ac.uk (Mark Rae) writes:
>In article <1990May7.020504.26757 at icase.edu> arras at icase.edu (Michael Arras)
writes:
>>	I have a shell script I would like other users to run as myself. I
>>tried:
>>
>>% chmod +s myfile
>
>Use chmod giving the octal permission values
>
>% chmod 4711 myfile 
>
>which gives -rws--x--x permissions.  REAL wizards always do it this way :)

This didn't answer Mr. Rae's question nor was it in the least
constructive since on System V [*1] a shell script can not be setuid;
on Berkeley setuid shell scripts have been shown to be security holes.

What Mr. Ray wants is C program wrapper that is setuid to himself that
exec(2)s his shell script.

Pax, Keith

*1: at least as distributed from AT&T; your vendor may have made some
mistake and stuck it in.
--
Support code for SVVS:
{int fd=open("/dev/zero",0);mmap(0,0x800,1,0x11,fd,0);close(fd);}
Keith Gabryelski				ag at amix.commodore.com



More information about the Comp.unix.wizards mailing list