Date: Fri, 28 Aug 2009 11:54:19 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Jeronimo Calvo <jeronimocalvop@googlemail.com> Cc: freebsd-questions@freebsd.org Subject: Re: SUID permission on Bash script Message-ID: <87y6p4pbd0.fsf@kobe.laptop> In-Reply-To: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com> (Jeronimo Calvo's message of "Fri, 28 Aug 2009 09:24:35 %2B0100") References: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 28 Aug 2009 09:24:35 +0100, Jeronimo Calvo <jeronimocalvop@googlemail.com> wrote:
> Hi folks!
>
> Im trying to set up a reaaallly basic scrip to allow one user to shutdown my
> machine without root permisions, seting up SUID as follows:
>
>
> -rwsrwxr-- 1 root wheel 38 Aug 27 23:12 apagar.sh
>
> $ ./apagar.sh
>
> Permission denied
>
>
> content of script:
>
>
> cat apagar.sh
>
> ]#!/usr/local/bin/bash
> shutdown -p now
>
> As far as i know, using SUID, script must runs with root
> permissions... so i shoudnt get "Permission denied", what im doing
> wrong??
No it must not. There are security reasons why shell scripts are not
setuid-capable. You can find some of them in the archives of the
mailing list, going back at least until 1997.
The good thing is that you don't need a shell script to do that. You
can install `sudo' and give permission to the specific user to run:
sudo shutdown -p now
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87y6p4pbd0.fsf>