Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!cbmvax!ag
From: ag@cbmvax.commodore.com (Keith Gabryelski)
Newsgroups: comp.unix.wizards
Subject: Re: setuid?
Message-ID: <11410@cbmvax.commodore.com>
Date: 7 May 90 19:39:55 GMT
References: <1990May7.020504.26757@icase.edu> <3830@castle.ed.ac.uk>
Reply-To: ag@cbmvax (Keith Gabryelski)
Organization: Commodore-Amiga Unix; West Chester, PA
Lines: 29

In article <3830@castle.ed.ac.uk> egnu02@castle.ed.ac.uk (Mark Rae) writes:
>In article <1990May7.020504.26757@icase.edu> arras@icase.edu (Michael Arras)
writes:
>>	I have a shell script I would like other users to run as myself. I
>>tried:
>>
>>% chmod +s myfile
>
>Use chmod giving the octal permission values
>
>% chmod 4711 myfile 
>
>which gives -rws--x--x permissions.  REAL wizards always do it this way :)

This didn't answer Mr. Rae's question nor was it in the least
constructive since on System V [*1] a shell script can not be setuid;
on Berkeley setuid shell scripts have been shown to be security holes.

What Mr. Ray wants is C program wrapper that is setuid to himself that
exec(2)s his shell script.

Pax, Keith

*1: at least as distributed from AT&T; your vendor may have made some
mistake and stuck it in.
--
Support code for SVVS:
{int fd=open("/dev/zero",0);mmap(0,0x800,1,0x11,fd,0);close(fd);}
Keith Gabryelski				ag@amix.commodore.com