Re: [Sheflug] running as root

[Al Hudson <nospam [at] york.ac.uk>]

Hmmm, I'm working from memory here, so I reserve the right to be
misinformed.... ;)))

On Wed, 3 May 2000, Chris J/#6 wrote:

> > Just kidding... 'chmod +s [file]' sets the 's' bit (bet you never knew
> > about that?), which means 'Run me as root'. Or, 'Let me do what the heck I
> > please' ;))

. I also forgot chown root:user [file], although user may be different on
your system, just choose any valid group...

> Unless Linux's system has changed recently, set-uid scripts *won't* work - 
> they're considered a huuuuuuuuuuuuuuuuuuge security hole.

Well, I've just tried it and it works. (2.0.36). I don't think I've
buggered the kernel in any way, although it's been going for years (well,
more than one!) now, so it's possible I've forgotton. But anyway, I think
you are confusing real & effective UIDs and GUIDs here. 

> Which they are, 
> when you know how to get round them.

I *did* point this out... 

> Race type conditions are ripe :)

Err, are you sure about that? Off the top of my head, I can't think of
one. 

> Try it 
> yourself - a script with two lines:
> 	#!/bin/sh
> 	id
> 
> chown root.root then chmod 4755, and run it.

Try this: (it's C, obviously)

#include <stdio.h>
#include <unistd.h>

void main(void) { /* I know you don't void(void), just for the record */
	printf("User id: %d\nis effectively: %d\n", getuid(), geteuid());	
	printf("Group id: %d\nis effectively: %d\n", getgid(), getegid());
}

Save as test.c, or something, type 'make test'. Play around with it. EUID:
root.

> The best thing to do is to use sudo to run the script, or, if you *know* the 
> script is secure, create a C wrapper for it along the lines of:

Sudo is good for accounting ;)

> 	main()

You're worse than me ;)

> 	{
> 		system ("/usr/bin/myshellscript");
> 		return 0;
> 	}

Although at least you return int .. :)))

> > For this kind of thing, I guess it's okay, but remember running as root in
> > general is not /fabulous/, and you instantly loose any Linux Guru points
> > that you might have accumulated ;)
> 
> It depends what you want to do in the script really :) Processing log files 
> can be done with a simple permissions change; scripts to addusers should 
> really be written in C or Perl (with sperl) and have silly amounts of sanity 
> checks. If its admin stuff, look at setting up sudo. If its on a multi-user 
> box and you trust your users (ie, you'd give them the root password happily), 
> then its a non-issue. If you don't trust your users, then careful how you go 

As always, it depends on circumstances...

Cheers,

Alex.


---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.