From: Bryan Ogawa at Work
To: Andy Smith
cc: questions@freebsd.org
Subject: Re: FreeBSD 2.1 SUID
Date: Mon, 15 Apr 1996 15:26:51 -0700 (PDT)
In-Reply-To: <1722091815041996/A16461/REOA2/11A47C891500*@MHS>

On Mon, 15 Apr 1996, Andy Smith wrote:

> I hope you can help with a small problem that I have using FreeBSD to
> implement a Firewall.
>
> First off let me just say that I am very impressed with FreeBSD and
> have used it to implement a number of large projects, including this
> one, in preference to Sun.
>
> The system is a Pentium PC with IDE HD, IDE SyQuest, Mitsumi CD Rom,
> 32Mb RAM.
>
> It is FreeBSD 2.1, with a recompiled kernel, removing NFS, SCSI etc.
> Most of the unused binaries have been removed from the system.
>
> The problem is I have a C program, that runs as user operator, with
> UID 3. I need this user to be able to modify some files in /etc, so I
> have a sh script that should run suid root. This script is simply
>
> #! /bin/sh
> #
> cp /usr/local/proto/weekly /etc/weekly
> cp /usr/local/proto/daily /etc/daily
> cp /usr/local/proto/security /etc/security
> ...
> Plus more of the same
>
> This script is called on exit from the C program. The sh script is
> owned by root.wheel and has permissions -rwsr-----. So that it
> 'should' suid to root as it runs, unfortunately this is not the case,
> and it runs with uid 3, the operator.
>
> How can I get this (or any) shell script to run SUID root??
>
> Thanks
>
> Andy

As many people will tell you, you can't run shell scripts by setting the
SUID bits. It's considered insecure (as SUID shell scripts can be used to
run arbitrary programs as their owners). It's disabled in the kernel
somewhere.

So, you have a few options:

1. Write a wrapper program in C. I'm no expert on this, but it can be
   done.

2. Write the program itself in C. Watch out--if you do calls which
   execute shells, they can possibly be subverted, I believe (via the IFS
   shell variable).

3. Write the program in perl. Perl offers a suid mode which reads and
   interprets the suid bits (change the header to #!/usr/bin/suidperl ).
   It offers security which the shell scripts don't, and in addition, has
   a rather paranoid "taint" concept that is designed to keep you from
   accidentally shooting yourself in the foot (and giving away root).
   It's pretty easy to use, if you're used to using perl.

In the above case, it's possible to set your system up so that it will
make all the shell cp calls safely (or even from a C wrapper). I'm not
wholly familiar with that, though (there's a perl script which will write
wrappers I've seen, but it doesn't seem to have the environment variables
set right).

bryan

Bryan K. Ogawa
Questions or Problems with NetVoyage? help@netvoyage.net
Check out the NetVoyage HelpWeb at..
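
Options 1 and 2 from the reply above, as an added example that is not part of the original message or of FreeBSD: a small set-uid helper that does the three copies from the question itself, so no shell runs and IFS, PATH and the rest of the environment never matter. It assumes a POSIX.1-2008 system (for O_NOFOLLOW); the function name copy_file and the ".new" temporary suffix are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Copy src to dst with no shell involved: write "<dst>.new", then rename()
 * it into place so the target is never left half-written. */
int copy_file(const char *src, const char *dst)
{
    char tmp[1024], buf[8192];
    ssize_t n;

    if (snprintf(tmp, sizeof tmp, "%s.new", dst) >= (int)sizeof tmp)
        return -1;
    int in = open(src, O_RDONLY | O_NOFOLLOW);  /* refuse a symlinked source */
    if (in < 0)
        return -1;
    unlink(tmp);                                /* drop any stale temp file */
    int out = open(tmp, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);
    if (out < 0) {
        close(in);
        return -1;
    }
    while ((n = read(in, buf, sizeof buf)) > 0)
        if (write(out, buf, (size_t)n) != n) { n = -1; break; }
    close(in);
    int ok = (n == 0) && fsync(out) == 0;
    if (close(out) != 0 || !ok || rename(tmp, dst) != 0) {
        unlink(tmp);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Fixed names only: nothing is taken from argv or the environment. */
    static const char *names[] = { "weekly", "daily", "security" };
    char src[64], dst[64];
    int rc = 0;

    umask(022);     /* the caller's umask is inherited; set a known one */
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        snprintf(src, sizeof src, "/usr/local/proto/%s", names[i]);
        snprintf(dst, sizeof dst, "/etc/%s", names[i]);
        if (copy_file(src, dst) != 0) { perror(dst); rc = 1; }
    }
    return rc;
}
```

Install the compiled binary owned by root with the set-uid bit set and execute permission limited to the group the operator account belongs to, and keep /usr/local/proto writable by root only, since whatever is placed there ends up in /etc.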