Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!ucsd!ucbvax!ciba-geigy.ch!deyrau
From: deyrau@ciba-geigy.ch (Dipl agr Veronique Eyraud)
Newsgroups: comp.sys.sgi
Subject: forbidden things with bru
Message-ID: <9007301426.AA20083@focci01.wirz.cigy>
Date: 31 Jul 90 06:24:59 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 30
X-Unparsable-Date: Mon, 30 Jul 90 16:26:08 DST


Thank you for all the replies for the "SUID on scripts" question.
My ultimate goal in this is to allow an operator to log on a "normal"
account and to run a backup procedure reading all or parts of the file
system without beeing root.

Though I have a C procedure calling "bru", on which I have set UID, and
the exe looks like this:
-rwsr-x--- 1 root sys 15984 mybru

The source is the following
main(argc,argv)
int    argc;
char **argv;
{
/*      system( command ); */
	system("ls -l");
        system( 
"bru -cvn 15-jul-1990 -f /dev/nrtape /usr/focci02/prog/mmod/mm30x");
}

With this, I cannot succeed in reading a protected directory (no read access
for the "other" field,and the owner is from the "user" group), though it
works for the ls command that is called just before.

Is there something in the bru philosophy that says 
"Though shalt not backup directories if thee are protected even if though
 have SUID root sys ??!!!! "

Any idea ?