Date: Fri, 13 Dec 2002 14:07:59 -0600 From: Dan Nelson <dnelson@allantgroup.com> To: "Jason L. Schwab" <jlschwab@jlschwab.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: chmod question Message-ID: <20021213200758.GA27316@dan.emsphone.com> In-Reply-To: <20021213125137.X69651-100000@brittney.jlschwab.com> References: <20021213125137.X69651-100000@brittney.jlschwab.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Dec 13), Jason L. Schwab said: > Heya Folks; > > I came accross a file on a friend of mine's machine and I was > wondering how via chmod you could come up with the follow > permissions (ls -la on the file) > > -rwx--s--- > > I tried doing chmod u+rwx and then g+s but then I get -rwx--S--- and > it does not work correctly. The idea behind this is to have a shell > script that can be ran as suid by a group of people, but the actual > script code can not be seen. When you do an ls, the setuid and executable bits get displayed on the same character position. setuid exec char ====== ==== ==== 0 0 - 0 1 x 1 0 S 1 1 s Try chmod u=rwx,g=sx. This doesn't work, though, since setuid bits on shell scripts do nothing. The kernel actually executes shell scripts as "/bin/sh command", so the setuid bit is never checked. Take a look at the "sudo" utility, which will let you do what you want. -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021213200758.GA27316>