Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

setuid

  • 18-01-2010 8:13pm
    #1
    chapod21
    Registered Users, Registered Users 2 Posts: 40


    Hi

    I created a simple script called test that creates a file in the sbin directory called testx. i changed the permissions on the script to 4755 and the owner to root. I try to run it as another user and the script cannot create the file. It works fine when the root user runs it. the permissions on the file are

    -rwsr-xr-x 1 root root 18 Jan 18 19:59 test


    Can some one tell me where i am going wrong


Comments

  • #2
    matrim
    Registered Users, Registered Users 2 Posts: 7,518 ✭✭✭matrim


    chapod21 wrote: »
    Hi

    I created a simple script called test that creates a file in the sbin directory called testx. i changed the permissions on the script to 4755 and the owner to root. I try to run it as another user and the script cannot create the file. It works fine when the root user runs it. the permissions on the file are

    -rwsr-xr-x 1 root root 18 Jan 18 19:59 test


    Can some one tell me where i am going wrong

    I would assume the problem is because writing to the sbin directory would require the script to be run with root permissions, as sbin is only gives write permission to root.


  • #3
    chapod21
    Registered Users, Registered Users 2 Posts: 40 chapod21


    That would normally be the case but from what i have read if you use the setuid permissions the excutable script/file will be run as the owner of the file in this case root

    http://en.wikipedia.org/wiki/Setuid

    an example of this is the passwd command.


  • #4
    djmarkus
    Registered Users, Registered Users 2 Posts: 1,606 ✭✭✭djmarkus


    Scripts cannot be setuid'd. Only binaries.


  • #5
    chapod21
    Registered Users, Registered Users 2 Posts: 40 chapod21


    ok

    thanks for the info


  • #6
    brianmc
    Registered Users, Registered Users 2 Posts: 868 ✭✭✭brianmc


    djmarkus wrote: »
    Scripts cannot be setuid'd. Only binaries.

    Not certain about latest Linux versions but this can certainly be configured in some versions of Unix. It's only a recent* thing to disallow it.


    *Recent meaning, only in the last couple of decades.


    Edit: But of course it would still be a bad idea security-wise. The problem is that scripts are too easily hacked and so a script with suid is potentially a big hole.


  • Advertisement
  • #7
    djmarkus
    Registered Users, Registered Users 2 Posts: 1,606 ✭✭✭djmarkus


    Not without an unsupported patch.

    The only way to run a script as another user is to use a binary wrapper.

    sudo being a good example.


  • #8
    chapod21
    Registered Users, Registered Users 2 Posts: 40 chapod21


    Thanks for the information. It clears everything up


Advertisement