From owner-freebsd-questions@FreeBSD.ORG  Sat Aug 29 02:11:00 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1443A1065672
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Aug 2009 02:11:00 +0000 (UTC)
	(envelope-from tajudd@gmail.com)
Received: from mail-yw0-f171.google.com (mail-yw0-f171.google.com
	[209.85.211.171])
	by mx1.freebsd.org (Postfix) with ESMTP id C32DE8FC08
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Aug 2009 02:10:59 +0000 (UTC)
Received: by ywh1 with SMTP id 1so3326671ywh.9
	for <freebsd-questions@freebsd.org>;
	Fri, 28 Aug 2009 19:10:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=iaQFRqOGSMlKEVhfy86xwDENu/b/P73bIdmHOOKgGYc=;
	b=WaJ2e9HRThkgsGErHOH1zLZtjiL/01r5MXuwoxcdrxD9DYBskcpc4OIlYDcYUJxW9p
	5MCF8reHK2FdFhIHiGCffwtcAt2GLMBE6kX9MQ243HusZ4lj1KSGM0ZZD/KK/44w2HQ3
	/6t3oMShxao1aa/qwV3zHDtTeY58h2Qy3StYc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=CWSz8MvPvbqbJR0SShL0MSInnTOvANBjl31Ke8suackDJIilPPOGLUZAE6x4lNc/XB
	3iFw9uMEBc7Ekr/+Q7lYaKuPdEByKVryPBQ6srm1Dobw6BSQ1DRsDVXzjT5a3ENpWp9b
	ZGva7rGN8emwF7kT/HvlSAXW9T+mb/W27UrkY=
MIME-Version: 1.0
Received: by 10.100.17.20 with SMTP id 20mr2031387anq.41.1251511859183; Fri, 
	28 Aug 2009 19:10:59 -0700 (PDT)
In-Reply-To: <20090829022431.5841d4de@gumby.homeunix.com>
References: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com>
	<87y6p4pbd0.fsf@kobe.laptop>
	<20090829022431.5841d4de@gumby.homeunix.com>
Date: Fri, 28 Aug 2009 20:10:59 -0600
Message-ID: <ade45ae90908281910o2de3c2c8ra5cde55a9ecead45@mail.gmail.com>
From: Tim Judd <tajudd@gmail.com>
To: RW <rwmaillists@googlemail.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-questions@freebsd.org
Subject: Re: SUID permission on Bash script
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Aug 2009 02:11:00 -0000

On 8/28/09, RW <rwmaillists@googlemail.com> wrote:
> On Fri, 28 Aug 2009 11:54:19 +0300
> Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:
>
>> On Fri, 28 Aug 2009 09:24:35 +0100, Jeronimo Calvo
>> <jeronimocalvop@googlemail.com> wrote:
>
>> > As far as i know, using SUID, script must runs with root
>> > permissions... so i shoudnt get "Permission denied", what im doing
>> > wrong??
>>
>> No it must not.  There are security reasons why shell scripts are not
>> setuid-capable.  You can find some of them in the archives of the
>> mailing list, going back at least until 1997.
>
> I'm bit puzzled by this, previous threads have given the impression
> that this is a myth, for example:
>
> http://www.mail-archive.com/freebsd-questions@freebsd.org/msg185134.html
>
> So are scripts actually incapable of running setuid?


Dunno, but this dawns on me..

what defines a script?  I've always defined a script that starts with
a #! shebang.

So the script can be SUID, but the interpreter/shell isn't.  Is that
why it doesn't work?


--Tim