From owner-freebsd-questions  Wed Jun 11 06:21:22 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id GAA22535
          for questions-outgoing; Wed, 11 Jun 1997 06:21:22 -0700 (PDT)
Received: from buffnet4.buffnet.net (buffnet4.buffnet.net [205.246.19.13])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA22530
          for <freebsd-questions@FreeBSD.ORG>; Wed, 11 Jun 1997 06:21:20 -0700 (PDT)
Received: from buffnet9.buffnet.net (buffnet9.buffnet.net [205.246.19.19]) by buffnet4.buffnet.net (8.7.5/8.7.3) with SMTP id JAA04982; Wed, 11 Jun 1997 09:21:43 -0400 (EDT)
Received: from buffnet11.buffnet.net(205.246.19.55) by buffnet9.buffnet.net via smap (V2.0)
	id xma020084; Wed, 11 Jun 97 09:20:05 -0400
Date: Wed, 11 Jun 1997 09:21:25 -0400 (EDT)
From: Steve Hovey <shovey@buffnet.net>
To: "Joshua J. Ellis" <ellis@kcc.com>
cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG>
Subject: Re: Set execution UID on script
In-Reply-To: <01BC75C2.A3B27CA0.ellis@kcc.com>
Message-ID: <Pine.BSI.3.95.970611092114.9324C-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Shell scripts cant be suid for security reasons.

On Tue, 10 Jun 1997, Joshua J. Ellis wrote:

> 
> I'm missing something on a script I'm attempting to setup for an 
> administration group.  The script is this:
> 
> #!/bin/sh
> kill -hup `cat /var/run/named.hup`
> 
> I then do a "chown root:staff rs-named" followed by a "chmod 6750 rs-named". 
>  That gives me an set of permissions like this:
> 
> -rwsr-s---  1 root  staff      46 Jun 10 16:56 rs-named
> 
> Shouldn't this allow users of the 'staff' group to successfully execute this 
> command?  When I try to execute it as anyone but root, I get the following 
> error:
> 
> kill: 230: Operation not permitted
> 
> 230 is the PID of named.  If it is executing as root, why is kill refusing to 
> send a message to the process?
> 
> -joshua
> --
> ****[ S-D-G ]***************************************[-0.8090169943749]***
> Joshua Ellis, IS Consultant - Omni Resources, Green Bay, WI (800)236-2332
> ellis@kcc.com                               http://www.kimberly-clark.com
> joshe@elltech.com                           http://www.joshua.elltech.com
>  > poet-apostate-philosopher-musician-pinhead-hwarang-webmaestro-japh <
> *************************************************************************
> 
> 
>