[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ossig] SUID problems
I *think* for security reasons, shell scripts do not honour suid.
Here's my little test of that, under Linux:
[iwsmith@nel-rel159 tmp]$ cat /tmp/test.sh
#!/bin/sh
whoami
id
mkdir /mrblobby
[root@nel-rel159 tmp]# ls -l test.sh
-rwsrwxr-x 1 root iwsmith 37 Jun 23 15:41 test.sh
[iwsmith@nel-rel159 tmp]$ ./test.sh
iwsmith
uid=500(iwsmith) gid=500(iwsmith) groups=500(iwsmith)
mkdir: cannot create directory `/mrblobby': Permission denied
So even though I gave the script to root, and setuid it, it
still runs as me, not root.
You could try a setuid Perl script as a wrapper? Or a setuid
executable that then calls the script?
Imran
Venantius Kumar wrote:
Hi everyone,
I am having some permission problem with starting up pppd Mandrake 9.0.
OK here is the situation:
I wrote a script that starts a dialup connection to Jaring and another
to disconnect. As root it works fine.
So next what I did was changed the script's permission by giving setting
SUID bit ("u + s") and "o + rx". When I ran the script as a normal
user, it says something like "normal user does not have permission to
use this device".
Within my script I actually call "ifup ppp0". Now if I am not mistaken,
SUID for a programme is supposed to assume the identity of the file's
owner instead of the user who initiated it. So what can be wrong? Is
there something I may be missing?
Thanks in advance.
regards,
Venantius.
--
Imran William Smith
Project Manager, Open Source Development,
MIMOS Berhad, Malaysia
Asian Open Source Centre : http://www.asiaosc.org
MIMOS Open Source : http://opensource.mimos.my
------------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message