Date: Mon, 21 Jul 2003 22:31:44 -0600 (CST)
From: Ryan Thompson <ryan@sasknow.com>
To: "Gerald S. Stoller" <gs_stoller@hotmail.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: set user-id
Message-ID: <20030721222719.Q31748-100000@ren.sasknow.com>
In-Reply-To: <Sea1-F31zp2IZuSTOk00001963b@hotmail.com>
Gerald S. Stoller wrote to freebsd-questions@freebsd.org:
> FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Sat Apr 21 10:54:49 GMT
> 2001 jkh@narf.osd.bsdi.com:/usr/src/sys/compile/GENERIC i386
>
> As root, I made a text file (named t ) that did
> something like
> echo $USER | tee xx
Please give complete examples. As posted, your example wouldn't run
without invoking sh(1) first. I'm assuming it was something like:
    #!/bin/sh
    echo $USER | tee xx
> and then had it set user-id (I did 'chmod 4755 t'). As a plain
> user, I made a directory that only root can write my current
> directory and then invoked t (by giving a path-name to it). It
> reported that the USER was the plain user and couldn't write into
> the directory. It appears that the set user-id didn't work, but I
> also checked t with ls -l and the permissions were rwsr-xr-x ,
> exactly like that of passwd and xterm (except maybe for the write
> permission of the owner).
> How do I get set user-id to work?
Your permissions are fine, but you're hitting a more subtle problem:
S*id bits don't work for interpreted scripts (denoted by the shebang,
#!), by design. If you'd compiled the equivalent example to a binary,
I'd expect it to work as you intended.
- Ryan
--
Ryan Thompson <ryan@sasknow.com>
SaskNow Technologies - http://www.sasknow.com
901-1st Avenue North - Saskatoon, SK - S7K 1Y4
Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon
Toll-Free: 877-727-5669 (877-SASKNOW) North America
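An added illustration of the point in the reply above, not part of the original message: a small C program that prints the real and effective UID next to $USER (which is only a string inherited from the caller's environment) and flags any file given as an argument where a set-id bit sits on a "#!" script. The names is_setid_script and check_path are made up for this example.

```c
/* Added example: not code from the original thread. */
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if a regular file carries a set-user-ID or set-group-ID bit and its
   first two bytes are "#!", i.e. the bit sits on an interpreted script. */
int is_setid_script(mode_t mode, const char *head, size_t n)
{
    if (!S_ISREG(mode) || !(mode & (S_ISUID | S_ISGID)))
        return 0;
    return n >= 2 && head[0] == '#' && head[1] == '!';
}

/* Same check on a path: 1 = set-id script, 0 = not, -1 = cannot read. */
int check_path(const char *path)
{
    struct stat st;
    char head[2];
    ssize_t n;
    int fd = open(path, O_RDONLY);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || (n = read(fd, head, sizeof head)) < 0) {
        close(fd);
        return -1;
    }
    close(fd);
    return is_setid_script(st.st_mode, head, (size_t)n);
}

int main(int argc, char **argv)
{
    /* $USER is a string inherited from the caller's environment; the
       effective UID is what a set-user-ID binary actually changes. */
    struct passwd *pw = getpwuid(geteuid());
    const char *env = getenv("USER");
    int i;

    printf("ruid=%ld euid=%ld (%s) $USER=%s\n", (long)getuid(),
           (long)geteuid(), pw ? pw->pw_name : "?", env ? env : "(unset)");
    for (i = 1; i < argc; i++)
        printf("%s: %d\n", argv[i], check_path(argv[i]));
    return 0;
}
```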
