From owner-freebsd-questions@FreeBSD.ORG  Sat Aug 29 02:27:05 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EB959106564A
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Aug 2009 02:27:05 +0000 (UTC)
	(envelope-from freebsd@edvax.de)
Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14])
	by mx1.freebsd.org (Postfix) with ESMTP id AA1708FC19
	for <freebsd-questions@freebsd.org>;
	Sat, 29 Aug 2009 02:27:05 +0000 (UTC)
Received: from r55.edvax.de (port-92-195-1-225.dynamic.qsc.de [92.195.1.225])
	by mx02.qsc.de (Postfix) with ESMTP id 1CE4224BFA;
	Sat, 29 Aug 2009 04:27:03 +0200 (CEST)
Received: from r55.edvax.de (localhost [127.0.0.1])
	by r55.edvax.de (8.14.2/8.14.2) with SMTP id n7T2R39K002611;
	Sat, 29 Aug 2009 04:27:03 +0200 (CEST)
	(envelope-from freebsd@edvax.de)
Date: Sat, 29 Aug 2009 04:27:03 +0200
From: Polytropon <freebsd@edvax.de>
To: Tim Judd <tajudd@gmail.com>
Message-Id: <20090829042703.ed4553a3.freebsd@edvax.de>
In-Reply-To: <ade45ae90908281910o2de3c2c8ra5cde55a9ecead45@mail.gmail.com>
References: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com>
	<87y6p4pbd0.fsf@kobe.laptop>
	<20090829022431.5841d4de@gumby.homeunix.com>
	<ade45ae90908281910o2de3c2c8ra5cde55a9ecead45@mail.gmail.com>
Organization: EDVAX
X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd7.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: RW <rwmaillists@googlemail.com>, freebsd-questions@freebsd.org
Subject: Re: SUID permission on Bash script
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Polytropon <freebsd@edvax.de>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Aug 2009 02:27:06 -0000

On Fri, 28 Aug 2009 20:10:59 -0600, Tim Judd <tajudd@gmail.com> wrote:
> Dunno, but this dawns on me..
> 
> what defines a script?  I've always defined a script that starts with
> a #! shebang.
> 
> So the script can be SUID, but the interpreter/shell isn't.  Is that
> why it doesn't work?

What is the difference of the script and the interpreter? The
script is read and executed by the shell, the script itself isn't
runnable at all.

The itnerpreter specified by #! is executed and then starts to
process the script. Is the interpreter running at SUID? Are the
commands (child processes) that it executes (fork) running at
SUID?

But let us continue this consideration:

If the shell process would be replaced by the command that is
called, would it make a difference? Compare

	#!/bin/sh		<- this starts /bin/sh
	shutdown -p now		<- /bin/sh starts child shutdown

to

	#!/bin/sh		<- this starts /bin/sh
	exec shutdown -p now	<- /bin/sh replaced by shutdown

Hmmm... do I see this correctly?



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...