From owner-freebsd-questions Mon Apr 15 13:46:56 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id NAA04616 for questions-outgoing; Mon, 15 Apr 1996 13:46:56 -0700 (PDT) Received: from yuri.microsoft.com (exchange.microsoft.com [131.107.243.48]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id NAA04607 for ; Mon, 15 Apr 1996 13:46:49 -0700 (PDT) Received: by yuri.microsoft.com with Microsoft Exchange (IMC 4.0.838.5) id <01BB2AD1.99E0AB30@yuri.microsoft.com>; Mon, 15 Apr 1996 13:44:00 -0700 Message-ID: From: "Scott Overholser (Volt Computer) (Exchange)" To: "'questions@FreeBSD.ORG'" , "'Andy Smith'" Subject: RE: FreeBSD 2.1 SUID Date: Mon, 15 Apr 1996 13:43:48 -0700 X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.838.5 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >The problem is I have a C program, that runs as user operator, with >UID 3. I need this user to be able to modify some files in /etc, so I >have a sh script that should run suid root. This script is simply > >#! /bin/sh ># >cp /usr/local/proto/weekly /etc/weekly >cp /usr/local/proto/daily /etc/daily >cp /usr/local/proto/security /etc/security >... >Plus more of the same > >This script is called on exit from the C program. The sh script is >owned by root.wheel and has permissions -rwsr-----. So that it >'should' suid to root as it runs, unfortunately this is not the case, >and it runs with uid 3, the operator. > >How can I get this (or any) shell script to run SUID root?? some un*ces refuse to run suid root shell scripts. i don't know if this is true for freebsd. in any case, don't do it - even if you can. there is no way to make a shell script secure enough for such use. you could write a c wrapper though. or, consider using perl. scotto >