[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suid





Stanislav Malyshev a.k.a. Frodo wrote:

> On Wed, 11 Feb 1998, Erez Doron wrote:
> >i did chmod 755 filename
> >the chmod +s filename
> >so ls gives -rwsr-sr-s 1 root root 8101 feb 11 18:01 filename*
> -rwsr-sr-x you mean?
>

yep, sorry it was -rwsr-sr-x (chmod 4755 filename)

> >so how do i make my script suid root ?
> AFAIK, in Linux you don't. Setuid shell scripts are BAD.

if you write a suid root script without thinking to much, it is badbut if
you think carefully before doing so, it is not bad, and an easy solution
to some problems ( better then giving the root password )

> For a number
> of reasons. There was various hacks to implement the thing securely, but
> generally the answer is no.

so can I or can't I make suid root scripts in tcsh ?

> You may try to use suidperl, or compile C
> program (taking all precautoins one takes writing suid program). Or just
> think - do you really need it to be suid root?
> --
> frodo@sharat.co.il      \/  There shall be counsels taken
> Stanislav Malyshev      /\  Stronger than Morgul-spells
> phone +972-2-5369213    /\              JRRT LoTR.
> http://www.sharat.co.il/frodo/   whois:SM719-RIPE@whois.ripe.net


begin:          vcard
fn:             Erez Doron
n:              Doron;Erez
org:            Savan Communications Ltd.
email;internet: erez@savan.com
title:          Asic/Software/Sysadmin
x-mozilla-cpt:  ;0
x-mozilla-html: TRUE
version:        2.1
end:            vcard