Date:      Fri, 5 Apr 2002 16:10:16 -0600 (CST)
From:      Gre7g Luterman <gre7g@wolfhome.com>
To:        FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject:   Re: Strange nosuid-like error
Message-ID:  <Pine.BSF.4.21.0204051609310.8530-100000@moses.wolfhome.com>

> The setuid bit does not work on shell scripts. This is true for all
> modern UNIX boxen. This is to prevent trivial security hacks. 

<slaps forehead>  Oops.  Didn't realize that.  Perhaps I have a 
different problem than I thought.

> What is the problem here? Everything looks fine.

Very good question!

> What are you trying to achieve?

I'm trying to fix my ssh client.  It runs when I try as root, but it 
doesn't when run as a mortal user, so I suspected I wasn't getting my 
suid.  That's why I tried that test which I guess wasn't as 
conclusive as I had hoped.  They should really mention that suid 
doesn't work on shell scripts SOMEWHERE.  Geez.  I've been staring at 
man pages all day and I never saw that anywhere.  Here's the 
situation:

$ ssh gre7g@192.168.168.99
FATAL: ssh_userfile_open: using non-current uid but not initialized 
(uid=1002, path=/usr/local/etc/ssh2/ssh2_config)
$ su
Password:
# ssh gre7g@192.168.168.99
gre7g's password:

# ls -l /usr/local/etc/ssh2
total 12
-rw-------  1 root  wheel   885 Jan  5 17:18 hostkey
-rw-r--r--  1 root  wheel   746 Jan  5 17:18 hostkey.pub
-r--r--r--  1 root  wheel  1588 Jan  5 17:55 ssh2_config
-r--r--r--  1 root  wheel   122 Jan  5 16:42 ssh_dummy_shell.out
-rw-------  1 root  wheel   668 Jan  5 16:42 ssh_host_dsa_key
-rw-r--r--  1 root  wheel   611 Jan  5 16:42 ssh_host_dsa_key.pub
-rw-------  1 root  wheel   536 Jan  5 16:42 ssh_host_key
-rw-r--r--  1 root  wheel   340 Jan  5 16:42 ssh_host_key.pub
-r--r--r--  1 root  wheel  2252 Jan  5 17:30 sshd2_config

The privileges here look right to me, but I guess something is wrong. 
Perhaps I should take this to the ssh list, but I was hoping not to.  
I did a web search on this problem and found the question posted a 
couple of times, but no answer ever posted.

Any tips would be appreciated,
Gre7g.
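
The quoted reply's point, that the setuid bit has no effect on shell scripts, means a setuid test done with a script cannot show whether setuid works for a binary. The following is an added example, not part of the original message: a POSIX sh check that tells setuid scripts apart from setuid binaries. The function names, temporary paths and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag set-user-ID files that are interpreter scripts.

# Print: missing | not-setuid | setuid-script | setuid-binary
classify_setuid() {
    f=$1
    if [ ! -f "$f" ]; then echo missing; return 0; fi
    # test -u is true when the set-user-ID bit is set
    if [ ! -u "$f" ]; then echo not-setuid; return 0; fi
    # An interpreter script begins with the two bytes "#!"
    magic=$(dd if="$f" bs=2 count=1 2>/dev/null)
    if [ "$magic" = '#!' ]; then
        echo setuid-script
    else
        echo setuid-binary
    fi
}

# List every setuid interpreter script under directory $1
audit_setuid_scripts() {
    find "$1" -type f -perm -4000 2>/dev/null | while IFS= read -r f; do
        if [ "$(classify_setuid "$f")" = setuid-script ]; then
            echo "$f"
        fi
    done
}

# Constructed sample files (not from the original message)
demo() {
    d=$(mktemp -d /tmp/suidaudit.XXXXXX) || return 1
    printf '#!/bin/sh\nid -u\n' > "$d/test.sh"
    printf 'BINARY-PLACEHOLDER' > "$d/tool"
    cp "$d/test.sh" "$d/plain.sh"
    chmod 4755 "$d/test.sh" "$d/tool"
    chmod 0755 "$d/plain.sh"
    for f in test.sh tool plain.sh; do
        echo "$f: $(classify_setuid "$d/$f")"
    done
    audit_setuid_scripts "$d"
    rm -rf "$d"
}
demo
```

Any path reported as setuid-script carries a mode bit that, per the quoted reply, does nothing at exec time, so it is a candidate for `chmod u-s`.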
