UNIX for Advanced & Expert Users

though the user is guest here - its running as root

which means read permission is inevitable, only when it can read it can execute

Your statement is incorrect. The script is running as a different user, jlliagre here, not root.
The guest user is still unable to read the script he runs with the solution I suggest.

Code:

# cat hi.ksh
#!/bin/ksh -p
echo hello
id
# su - guest
$ /var/tmp/hi.ksh
hello
uid=10000(guest) gid=10000(guest) euid=20000(jlliagre)
$ cat /var/tmp/hi.ksh
cat: /var/tmp/hi.ksh: cannot open [permission denied]

That might work - there is just one problem, though: scripts are NOT allowed to run suid, on no Unix platform. The reason is security.

I hope this helps.

bakunin

Do you mean Solaris isn't a Unix platform or are you talking about security best practices ?

It is not working.
Example

kganeshb@its04489:~/scripts $ cat ex.sh
#!/bin/ksh -p
echo hello
kganeshb@its04489:~/scripts $ sh ex.sh
hello
Different user
eravich1@its04489:/home/kganeshb/scripts $ ls -l ex.sh
-rws--x--x 1 kganeshb users 25 Jan 8 15:14 ex.sh
eravich1@its04489:/home/kganeshb/scripts $ ./ex.sh
/bin/ksh: ./ex.sh: Permission denied
eravich1@its04489:/home/kganeshb/scripts $ sh ex.sh
ex.sh: ex.sh: Permission denied
eravich1@its04489:/home/kganeshb/scripts $ cat ex.sh
cat: ex.sh: Permission denied

Oh, it's my fault.

Script is really not working without r. But binary file can be executed without only x.

At the first time, I tried by a binary file, which results a wrong conclusion. sorry.

Kingganesh04, it would help if you tell what Unix variant you are using.

While many Unix OSes will ignore suid scripts, my example certainly works under Solaris and possibly under other Unix implementations.

Although root suid scripts are certainly risky and a bad security practice, I don't see that much a risk suid'ing to another non privileged user like I show.