Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudo must be setuid root.
Operating Systems AIX sudo must be setuid root. Post 302399332 by pludi on Saturday 27th of February 2010 09:23:45 AM
Old 02-27-2010
Quick question: did you really, really read the thread so far? And why do you think the permissions on a link even remotely influence the file linked to?

Check the permissions for /opt/freeware/bin/sudo. If that's a link too, follow it again. Repeat until you encounter a regular file. That needs to have 3 certain attributes:
  • it has to be owned by the user root
  • it has to have the sticky bit set (chmod u+s as root)
  • it has to be executable for those allowed to use it
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Setuid root and chown

I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Discussion started by: johnmsucpe
6 Replies

2. Linux

sudo, root password

Hi all.. I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager. Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Discussion started by: penguin-friend
5 Replies

3. UNIX for Advanced & Expert Users

Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue

Hi, I have a program with the following suid setup -rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above. But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies

4. UNIX for Dummies Questions & Answers

sudo/root access

I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'. I tried and got a error message like "not allowed". After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well. Can please somebody explain me this... (0 Replies)
Discussion started by: daWonderer
0 Replies

5. UNIX for Dummies Questions & Answers

Sudo to delegate permission from non-root user to another non-root user

I've been through many threads before i decide to create a separate thread. I can't really find the solution to my (simple) problem. Here's what I'm trying to achieve: As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user. The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies

6. UNIX for Dummies Questions & Answers

sudo on becoming root

Anyone able to explain why if i run "sudo -i" or "sudo -s" i am able to get into root by just keying my own password? How to avoid this from happening coz i need all the users to use su - only. (2 Replies)
Discussion started by: timmywong
2 Replies

7. Red Hat

Sudo to user other than root but do not allow sudo to root

I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Discussion started by: westmoreland
1 Replies

8. Solaris

Sudo access of rm to non-root user

Hello, It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only. This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file. Is it possible to give... (9 Replies)
Discussion started by: solaris_1977
9 Replies

9. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

10. UNIX for Beginners Questions & Answers

Sudo to root, but keep my own aliases?

I have a coworker that has set up some funky aliases in /etc/bash.alias, and he insists on leaving them that way. For example he aliased "ll" to "ls -lahtr", which really bugs me. Anyway, I was wondering if there were a way for me to sudo to root without reading /etc/bash.alias, or maybe have... (6 Replies)
Discussion started by: paqman
6 Replies

LEARN ABOUT DEBIAN

logindevperm

logindevperm(4)                                                    File Formats                                                    logindevperm(4)

NAME

       logindevperm, fbtab - login-based device permissions

SYNOPSIS

       /etc/logindevperm

DESCRIPTION

       The  /etc/logindevperm  file  contains  information  that is used by login(1) and ttymon(1M) to change the owner, group, and permissions of
       devices upon logging into or out of a console device. By default, this file contains lines for the keyboard, mouse, audio, and frame buffer
       devices.

       The owner of the devices listed in /etc/logindevperm is set to the owner of the console by login(1). The group of the devices is set to the
       owner's group specified in /etc/passwd. The permissions are set as specified in /etc/logindevperm.

       Fields are separated by TAB and/or SPACE characters. Blank lines and comments can appear anywhere in the file; comments start with a  hash-
       mark, ` # ', and continue to the end of the line.

       The first field specifies the name of a console device (for example, /dev/console). The second field specifies the permissions to which the
       devices in the device_list field (third field) will be set.  These permissions must be expressed in octal format.  For  example,  O774.   A
       device_list  is  a  colon-separated list of device names.  Note that a device name must be a /dev link.  A device entry that is a directory
       name and ends with "/*" specifies all entries in the directory (except "." and ".."). For example, "/dev/fbs/*" specifies all frame  buffer
       devices.

       Once the devices are owned by the user, their permissions and ownership can be changed using chmod(1) and chown(1), as with any other user-
       owned file.

       Upon logout the owner and group of these devices will be reset by ttymon(1M) to owner root and root's group  as  specified  in  /etc/passwd
       (typically other). The permissions are set as specified in the /etc/logindevperm file.

FILES

       /etc/passwd     File that contains user group information.

SEE ALSO

       chmod(1), chown(1), login(1), ttymon(1M), passwd(4)

NOTES

       /etc/logindevperm provides a superset of the functionality provided by /etc/fbtab in SunOS 4.x releases.

SunOS 5.10                                                          22 Oct 2003                                                    logindevperm(4)
All times are GMT -4. The time now is 03:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy