Quote:
|
No Unix that I know of will execute a shell script setuid, even if the setuid bit is on.
|
Here's an example. Script A and script B. Script A is set with 4755 "root : other" permissions, script B is set with 100 "root : other" permissions:
-rwsr-xr-x 1 root other 123 Mar 29 15:19 a
---x------ 1 root other 119 Mar 29 15:19 b
Script A is as follows:
#!/bin/ksh
echo "\nIn A"
echo "id --- \c"
id
echo "whoami --- \c"
/usr/ucb/whoami
echo "who am i --- \c"
who am i
./b
Last line, you'll see that A calls B.
Script B is as follows:
#!/bin/ksh
echo "\nin B"
echo "id --- \c"
id
echo "whoami --- \c"
/usr/ucb/whoami
echo "who am i --- \c"
who am i
Changing to login testme and attempting to run B:
$ ./b
ksh: ./b: cannot execute
$
And running A:
$ ./a
In A
id --- uid=100(testme) gid=20(testme) euid=0(root)
whoami --- root
who am i --- root pts/7 Mar 29 15:10 (machine hidden)
in B
id --- uid=100(testme) gid=20(testme) euid=0(root)
whoami --- root
who am i --- root pts/7 Mar 29 15:10 (machine name)
$
Fairly simple and quick test to setup
. Notice the effective uid and read uid are different.
Glad you got your script working...
