From owner-freebsd-questions Thu Dec 26 8:24:42 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C364337B405 for ; Thu, 26 Dec 2002 08:24:40 -0800 (PST) Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BF1D43EDC for ; Thu, 26 Dec 2002 08:24:33 -0800 (PST) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com[24.147.188.198]) by rwcrmhc52.attbi.com (rwcrmhc52) with ESMTP id <2002122616243205200fgfk6e>; Thu, 26 Dec 2002 16:24:32 +0000 Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com [24.147.188.198] (may be forged)) by be-well.ilk.org (8.12.6/8.12.6) with ESMTP id gBQGOVQc018081 for ; Thu, 26 Dec 2002 11:24:31 -0500 (EST) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: (from lowell@localhost) by be-well.ilk.org (8.12.6/8.12.6/Submit) id gBQGOU12018078; Thu, 26 Dec 2002 11:24:30 -0500 (EST) X-Authentication-Warning: be-well.ilk.org: lowell set sender to freebsd-questions-local@be-well.ilk.org using -f To: freebsd-questions@freebsd.org Subject: Re: Run as owner References: <3DE83EE1.60400@netzero.net> <200211301028.10083.ph1@cogeco.ca> <05db01c29890$6befb7a0$fa00a8c0@DaleCoportable> <3E0B2A1C.1080503@netzero.net> From: Lowell Gilbert Date: 26 Dec 2002 11:24:30 -0500 In-Reply-To: <3E0B2A1C.1080503@netzero.net> Message-ID: <44vg1g3g01.fsf@be-well.ilk.org> Lines: 54 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Kirk Bailey writes: > Nope, I wrote a script that simply wran ID as a command and printed > the result, and ran it as my id of howlermo, although it was owned by > root. It wran as howlermo. I then ran it as grumpy. It ran as > grumpy. I then ran it as su, it ran as su. Permission was 755, so > anyone could run it, and w hoever ran it, it ran as; it assumes the id > of the person running it. Hmmm... Scripts don't honor setuid bits. [For rather important security reasons.] I'd be surprised if there was really a manual page that said otherwise. > Kevin D. Kinsey, DaleCo, S.P. wrote: > > From: "david" > > Subject: Re: Run as owner > > On Friday 29 November 2002 23:30, Kirk Bailey wrote: > > > >>OK, man says to get a script to run as the owner, turn on the 4000 > > bit. > > > >>OK, I did. No such luck, it continues to run as the apache identity > >>'nobody'. > > david: I'm just wondering, why is this a problem? > > I believe it's 'cuz he wants the script to build or destroy > > /etc/mail/aliases......check out some earlier posts under > > different thread names, perhaps. > > Kevin Kinsey > > DaleCo, S.P. > > > > > -- > > end > > Respectfully, > Kirk D Bailey > > > +---------------------"Thou Art Free." -Eris-----------------------+ > | http://www.howlermonkey.net mailto:highprimate@howlermonkey.net | > | KILL spam dead! http://www.scambusters.org/stopspam/#Pledge | > | http://www.tinylist.org +--------+ mailto:grumpy@tinylist.org | > +------------------Thinking| NORMAL |Thinking----------------------+ > +--------+ > > --------------------------------------------- > Introducing NetZero Long Distance > 1st month Free! > Sign up today at: www.netzerolongdistance.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message