SUID permission on Bash script
Jeronimo Calvo
jeronimocalvop at googlemail.com
Fri Aug 28 09:01:57 UTC 2009
Aham!
so SUID can be applied to sh but it doesn't work!, there is not anyway to
apply it? apart from installing sudo?, The thing is that installing sudo and
adding that user into sudoers, that user will be capable to do any other SU
tasks, apart of shutting down... wich i dont like :D (I know that SUID could
be even worst if they edit the .sh file... but lets believe they dont even
know that XD)
Cheers!
2009/8/28 Giorgos Keramidas <keramida at ceid.upatras.gr>
On Fri, 28 Aug 2009 09:24:35 +0100, Jeronimo Calvo <
> jeronimocalvop at googlemail.com> wrote:
> > Hi folks!
> >
> > Im trying to set up a reaaallly basic scrip to allow one user to shutdown
> my
> > machine without root permisions, seting up SUID as follows:
> >
> >
> > -rwsrwxr-- 1 root wheel 38 Aug 27 23:12 apagar.sh
> >
> > $ ./apagar.sh
> >
> > Permission denied
> >
> >
> > content of script:
> >
> >
> > cat apagar.sh
> >
> > ]#!/usr/local/bin/bash
> > shutdown -p now
> >
> > As far as i know, using SUID, script must runs with root
> > permissions... so i shoudnt get "Permission denied", what im doing
> > wrong??
>
> No it must not. There are security reasons why shell scripts are not
> setuid-capable. You can find some of them in the archives of the
> mailing list, going back at least until 1997.
>
> The good thing is that you don't need a shell script to do that. You
> can install `sudo' and give permission to the specific user to run:
>
> sudo shutdown -p now
>
>
More information about the freebsd-questions
mailing list