Date: Tue, 10 Jun 1997 20:13:49 +0000 (GMT) From: spork <spork@super-g.com> To: "Joshua J. Ellis" <ellis@kcc.com> Cc: freebsd-questions@freebsd.org Subject: Re: Set execution UID on script Message-ID: <Pine.BSF.3.95q.970610194033.27049D-100000@super-g.inch.com> In-Reply-To: <01BC75C2.A3B27CA0.ellis@kcc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I'm not sure how safe this is, but I do know that for it to work, you'll need permissions set like so: -r-sr-x--- This means that it is setuid root and that anyone in the group that has ownership of it may execute it as root. Previously you were making it setgid staff, which is wrong... Perhaps someone could comment on how to make sure this is safe??? Charles On Tue, 10 Jun 1997, Joshua J. Ellis wrote: > > I'm missing something on a script I'm attempting to setup for an > administration group. The script is this: > > #!/bin/sh > kill -hup `cat /var/run/named.hup` > > I then do a "chown root:staff rs-named" followed by a "chmod 6750 rs-named". > That gives me an set of permissions like this: > > -rwsr-s--- 1 root staff 46 Jun 10 16:56 rs-named > > Shouldn't this allow users of the 'staff' group to successfully execute this > command? When I try to execute it as anyone but root, I get the following > error: > > kill: 230: Operation not permitted > > 230 is the PID of named. If it is executing as root, why is kill refusing to > send a message to the process? > > -joshua > -- > ****[ S-D-G ]***************************************[-0.8090169943749]*** > Joshua Ellis, IS Consultant - Omni Resources, Green Bay, WI (800)236-2332 > ellis@kcc.com http://www.kimberly-clark.com > joshe@elltech.com http://www.joshua.elltech.com > > poet-apostate-philosopher-musician-pinhead-hwarang-webmaestro-japh < > ************************************************************************* > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970610194033.27049D-100000>