how to make an executable run as another user
Bill Moran
wmoran at potentialtech.com
Fri Sep 17 12:26:19 PDT 2004
Richard Bradley <rtb27 at cam.ac.uk> wrote:
> Um. I feel silly asking this. But I can't work it out.
Not silly, common problem for shell script writers.
> I want a shell script to run as another user. I always thought this was easy
> to do with the setuid bit, but never tried it before. I read "man chmod" and
> found this:
>
> .....
> 4000 (the setuid bit). Executable files with this bit set will
> run with effective uid set to the uid of the file owner.
> .....
> s The set-user-ID-on-execution and set-group-ID-on-execution
> bits.
> ....
>
> And off I went. I wrote a shell script to output the current uid. I chown'ed
> it to another user. I "chmod +s"ed it. I ran it.
>
> It didn't work.
>
> -----
>
> rtb27# cat test
> #! /bin/sh
> whoami
> rtb27# ll test
> -rwsr-sr-x 1 rich wheel 20 Sep 17 19:34 test
> rtb27# ./test
> root
Interpreted programs (i.e. scripts) don't honor setuid/setgid (with the
notable exception of setuidperl, which is installed but disabled on
FreeBSD)
Clever use of su or sudo can work around this. Also, writing a C or
C++ wrapper program will help. That's a bit of a PITA, though.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
More information about the freebsd-questions
mailing list