[TCLUG] Puzzling SUID problem

[Nick.T.Reinking at supervalu.com]

Ah ha.  A common misunderstanding.  Every UNIX I know will not allow
SUID scripts to run.  If you want SUID, either create a C program that runs
a script and make that SUID, or recompile your kernel to allow it (very not
recommended.)

Allowing SUID scripts is a huge security hole.

Nick Reinking






jamie at floyd.getsetnet.net, on 12/05/2000 02:03:23 PM
To: tclug-list at mn-linux.org @ PMDF
cc:  
Subject: [TCLUG] Puzzling SUID problem



  I have spent the last several hours pouring through docs on suid and
racking my mind. My script isn't working. Here is a long listing of my
script:

 -rwsr-sr-- 1 root   wheel         379  Dec 5  12:57  myprog

  The contents of my prog are:

  #!/bin/bash

  cat /root/file1;

  User Jamie is on the group wheel, but when jamie goes to execute myprog
  the system qweefs like this:

  cat: /root/file1: Permission denied

  I am using Red Hat 6.2. As I am understanding the documentation, since
jamie is on wheel, when he executes this program, the program will run as
root, and if the file is running as root, it would have the file access
privelages as root. Am I wrong?? Evidently I am, but then it would seem to
be incongruent with what all my books are telling me.
I have also tried running myprog as root, and it works fine then. One last
thing I should include is a pic of my root directory where file1 is:

drwxr-x---  15   root   root      4096  Dec 5  02:32  root


and here is a long listing of file1:

-rwxr-xr--   1  root   root       5  Dec 5  01:05  file1


   - Jme

_______________________________________________
tclug-list mailing list
tclug-list at lists.real-time.com
https://mailman.real-time.com/mailman/listinfo/tclug-list