Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Allow user without dir write permission to execute a script that creates files
Top Forums UNIX for Advanced & Expert Users Allow user without dir write permission to execute a script that creates files Post 302882647 by waavman on Wednesday 8th of January 2014 10:56:02 AM
Old 01-08-2014
Hi MadeInGermany,

The shebang with the -p option does not help either.
Linux just adamantly wants to ignore LD_LIBRARY_PATH variable when the calling binary is setuid regardless of how high up the call chain it is.
So i finally abandoned the setuid option and as suggested by you ealier and rbatte1, have decided to go with the SUDOERS option which works fine.
There is no such LD_LIBRARY_PATH restriction in SUDOERS which I am guessing is because SUDOERS limits access to a limited set of users that are added in the /etc/sudoers file for that script, where as setuid gives access to that binary to anybody who has a login on that unix box and so they want to mitigate the risk.
If users field is set to ALL in /etc/sudoers for a particular script or binary, then even SUDOERS poses a similar risk level as setuid.

thanks for your help.
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Find all files with group read OR group write OR user write permission

I need to find all the files that have group Read or Write permission or files that have user write permission. This is what I have so far: find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}' It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies

2. Solaris

cant able to change permission in a DIR as root user

Hi my directory not accepting any commands. its simply telling permission denied. i tried ( cp, mv, rm ) as roor i want to set default permissons to this DIR please find the Logs below. dr-xr-xr-x 1 root root 1 Jun 1 09:04 AP1_ROP ( original dir) root> chmod 777... (5 Replies)
Discussion started by: vijayq8
5 Replies

3. Shell Programming and Scripting

write permission to a perticular user to a directory

Hi, The requirement is like, the program needs 2 argument one is user_id and second one is directory path. My script will check if that user_id has write access to the directory path. The directory path may be in any file system like AFS or NFS. Can any one please suggest some points to... (1 Reply)
Discussion started by: siba.s.nayak
1 Replies

4. Shell Programming and Scripting

search any user files with write permission

Guys, i wanna get any user files with write permission (on user or group permission) for review but i confuse with -perm parameter. any body can help me to explain what is that mean? thank's (1 Reply)
Discussion started by: michlix
1 Replies

5. Shell Programming and Scripting

perl script to check read/write/execute permission for 'others'

I want to check access rights permissions not for 'user', not for 'group', but for 'others'. I want to do it by system command in which i want to use 'ls -l' and 'awk' command. I have written the following program : #!/usr/bin/local/perl #include <stdlib.h> system ("ls -l | awk... (1 Reply)
Discussion started by: shubhamsachdeva
1 Replies

6. UNIX for Dummies Questions & Answers

Provide execute permission to a user

Hi, I have a shell script(test.sh) and need to give execute permission for this shell script to user group cobr_sftp and oracle. Could you please help as to how to give this permission. I have already given full access(777) to script test.sh. Does this mean all the users/user group can access... (1 Reply)
Discussion started by: abhi_123
1 Replies

7. Web Development

Apache write permission issues to another user owned directory

Hi I am trying to make a web program which is command line equivalent. i have done the coding in cgi program in perl and html for basic forms to take inputs. when i ran the program from web application i see permission denied messages. after analyzing i found apache is running as wwwrun which... (2 Replies)
Discussion started by: rakeshkumar
2 Replies

8. UNIX for Beginners Questions & Answers

Setting write permission for particular user

Hi All, We have a scenario in production where we want only one user from a group to modify the file. The file is not set to write permission for application manager. -r--r--r-- 1 amgr u00 15661716 Aug 30 00:06 DCI.dat So here amgr will have permission to edit the file. We want a... (10 Replies)
Discussion started by: arunkumar_mca
10 Replies

9. AIX

Assign read write permission to the user for specific dir and it's sub dir and files in AIX

I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. I do not want to assign user the same group of that directories too.... (0 Replies)
Discussion started by: blinkingdan
0 Replies

LEARN ABOUT PHP

setuid

SETUID(1)						      General Commands Manual							 SETUID(1)

NAME

       setuid - run a command with a different uid.

SYNOPSIS

       setuid username|uid   command [ args ]

DESCRIPTION

       Setuid  changes	user id, then executes the specified command.  Unlike some versions of su(1), this program doesn't ever ask for a password
       when executed with effective uid=root.  This program doesn't change the environment; it only changes the uid and then uses execvp() to find
       the command in the path, and execute it.  (If the command is a script, execvp() passes the command name to /bin/sh for processing.)

       For example,
	      setuid  some_user  $SHELL
       can be used to start a shell running as another user.

       Setuid  is  useful  inside  scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
       execute some commands using the uid of the original user, instead of root.  This allows unsafe commands (such as editors and pagers) to	be
       used  in  a  non-root  mode inside a super script.  For example, an operator with permission to modify a certain protected_file could use a
       super command that simply does:
	      cp protected_file temp_file
	      setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
	      cp temp_file protected_file
       (Note: don't use this example directly.	If the temp_file can somehow be replaced by another user, as might be the case if it's kept  in  a
       temporary  directory,  there  will  be a race condition in the time between editing the temporary file and copying it back to the protected
       file.)

AUTHOR

       Will Deich

								       local								 SETUID(1)
All times are GMT -4. The time now is 12:21 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy