From owner-freebsd-questions@FreeBSD.ORG Wed May 11 14:17:32 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2DF28106564A for ; Wed, 11 May 2011 14:17:32 +0000 (UTC) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: from gizmo.acns.msu.edu (gizmo.acns.msu.edu [35.8.1.43]) by mx1.freebsd.org (Postfix) with ESMTP id E91258FC1C for ; Wed, 11 May 2011 14:17:31 +0000 (UTC) Received: from gizmo.acns.msu.edu (localhost [127.0.0.1]) by gizmo.acns.msu.edu (8.13.6/8.13.6) with ESMTP id p4BEEK4v041312; Wed, 11 May 2011 10:14:20 -0400 (EDT) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: (from jerrymc@localhost) by gizmo.acns.msu.edu (8.13.6/8.13.6/Submit) id p4BEEKVY041311; Wed, 11 May 2011 10:14:20 -0400 (EDT) (envelope-from jerrymc) Date: Wed, 11 May 2011 10:14:20 -0400 From: Jerry McAllister To: Chris Telting Message-ID: <20110511141420.GD41080@gizmo.acns.msu.edu> References: <4DC9DE2C.6070605@telting.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4DC9DE2C.6070605@telting.org> User-Agent: Mutt/1.4.2.2i Cc: freebsd-questions@freebsd.org Subject: Re: Established method to enable suid scripts? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 May 2011 14:17:32 -0000 On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote: > I've googled for over an hour. > > I'm not looking to get into a discussion on security or previous bugs > that are currently fixed. Suid in and of itself is a security issue. > But if you are using suid it it should work; I don't want to use a > kludge and I don't want to use sudo. I'm hoping it's a setting that is > just disabled by default. My understanding is that in general the system does not allow SUID on scripts. The way I have gotten around that (a long time ago) was to create a small binary that exec's the script and making the binary SUID. Security cautions apply. ////jerry > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"