[Techtalk] wrapping unix commands

Conor Daly c.daly at met.ie
Mon Apr 25 19:16:44 EST 2005

On Thu, Apr 21, 2005 at 02:05:00PM -0400 or thereabouts, overhaul wrote:
> ok, I succeeded in writing and compiling the wrapper but it doesn't seem 
> to run setuid(0)
>         setuid(0);
>         setgid(0);
> but no dice.

You're never allowed to setuid(0) unless you're already uid 0.  Even if you
start out as uid 0 and do 'setuid(99)', you won't be allowed do 'setuid(0)'
after that.  You'll need either to give the wrapper suid permissions 
'chmod +s <wrapper_script>'
or use sudo (the preferred option).  sudo allows a specified user run
specified command(s), with (or without) specified arguments, with (or
without) a password, from a specific (or any) host.  See 'man sudo' and
'man sudoers' for details.

Conor Daly,                   Please avoid sending me 
Met Eireann, Glasnevin Hill,  Word or PowerPoint attachments.
Dublin 9, Ireland             http://www.fsf.org/philosophy/no-word-attachments.html
Ph +3531 8064276 Fax +3531 8064247

This e-mail and any files transmitted with it are confidential 
and intended solely for the addressee. If you have received
this email in error please notify the sender.
This e-mail message has also been scanned for the
presence of computer viruses.

More information about the Techtalk mailing list