[Techtalk] wrapping unix commands
Conor Daly
c.daly at met.ie
Mon Apr 25 19:16:44 EST 2005
On Thu, Apr 21, 2005 at 02:05:00PM -0400 or thereabouts, overhaul wrote:
>
> ok, I succeeded in writing and compiling the wrapper but it doesn't seem
> to run setuid(0)
>
> setuid(0);
> setgid(0);
> but no dice.
You're never allowed to setuid(0) unless you're already uid 0. Even if you
start out as uid 0 and do 'setuid(99)', you won't be allowed do 'setuid(0)'
after that. You'll need either to give the wrapper suid permissions
'chmod +s <wrapper_script>'
or use sudo (the preferred option). sudo allows a specified user run
specified command(s), with (or without) specified arguments, with (or
without) a password, from a specific (or any) host. See 'man sudo' and
'man sudoers' for details.
Conor
--
Conor Daly, Please avoid sending me
Met Eireann, Glasnevin Hill, Word or PowerPoint attachments.
Dublin 9, Ireland http://www.fsf.org/philosophy/no-word-attachments.html
Ph +3531 8064276 Fax +3531 8064247
**********************************************************************
This e-mail and any files transmitted with it are confidential
and intended solely for the addressee. If you have received
this email in error please notify the sender.
This e-mail message has also been scanned for the
presence of computer viruses.
**********************************************************************
More information about the Techtalk
mailing list