1 |
Wade Brown wrote: |
2 |
|
3 |
>I thought linux wouldn't allow suid shell scripts to work as suid. |
4 |
>The reasoning is a shell script doesn't quite execute, it gets |
5 |
>interpeted by the command on the first line. Just as a test I made a |
6 |
>simple script modded root.root 4755 that consists of the /bin/bash |
7 |
>line, and cat /etc/shadow. Root can run just fine obviously, but |
8 |
>permissions don't exist for other users to do that. |
9 |
> |
10 |
> |
11 |
> |
12 |
|
13 |
Works fine on my machine. /opt/vmware/lib/vmware/bin/vmware-vmx is a |
14 |
setuid shell script that I wrote to startup vmware with the wrapper |
15 |
library to get vmware to work with arts. Also my permissions on that |
16 |
file are 4711, so maybe there is something special about the global read |
17 |
bit? Or possibly dependant upon what LSM modules you have loaded/enabled? |
18 |
|
19 |
>What may work a little better is either chmod s+x `which shutdown`, or |
20 |
>writing a C wrapper and modding that s+x. |
21 |
> |
22 |
> |
23 |
|
24 |
I agree that the C wrapper is definetly the most secure option. |
25 |
|
26 |
-Richard |
27 |
|
28 |
-- |
29 |
gentoo-user@g.o mailing list |