Why can't I write a setuid shell script?

From: mww@microfocus.com (Michael Wojcik)


AIX, as of about the first release of 3.2.5*, does not allow SUID scripts.
(It ignores the SUID and SGID bits on scripts.) They're a huge security
hole.

If you really want to run a script SUID, you can create a small C program
that does a setuid(0) and then system()'s your script. (Actually, the
setuid() call isn't necessary on all Unixes; IIRC, it's not on AIX 3.2.5,
but YMMV.) Make the program SUID. Be very careful.

There are other similar solutions. You might also want to look into
sudo, which handles this sort of thing in a somewhat more controlled
manner.

* Julianne Frances Haugh (jfh@tab.com) writes:

I raised an objection to set-ID shell scripts before AIX 3.1 was
golden. ... it was finally done in the 3009 PTF for AIX 3.1.
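
One way to write the small SUID wrapper described in the answer above, as an added example (not code from the original FAQ or from AIX). It swaps system() for execve() on /bin/sh with a fixed environment, so the caller's PATH, IFS and arguments never reach the privileged shell; the script path is a hypothetical placeholder.

```c
/* Added example: hardened set-UID wrapper. SCRIPT is a hypothetical path. */
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

#define SCRIPT "/usr/local/sbin/privileged-task.sh"   /* hypothetical */

/* Fixed environment: nothing is inherited from the caller. */
static char *const clean_env[] = { "PATH=/usr/bin:/bin", "IFS= \t\n", NULL };

/* Return 1 only if path is absolute, a regular file (not a symlink),
 * owned by root, and not writable by group or other. */
int script_is_safe(const char *path)
{
    struct stat st;

    if (path == NULL || path[0] != '/')
        return 0;
    if (lstat(path, &st) != 0)            /* lstat: a symlink is rejected */
        return 0;
    if (!S_ISREG(st.st_mode) || st.st_uid != 0)
        return 0;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return 0;
    return 1;
}

int main(void)
{
    /* The caller's own arguments are deliberately dropped. */
    char *const argv[] = { "sh", SCRIPT, NULL };

    if (!script_is_safe(SCRIPT)) {
        fprintf(stderr, "wrapper: refusing to run %s\n", SCRIPT);
        return 1;
    }
    /* Make the real UID match the effective UID, as the text describes. */
    if (setuid(0) != 0) {
        perror("setuid");
        return 1;
    }
    execve("/bin/sh", argv, clean_env);   /* returns only on failure */
    perror("execve");
    return 1;
}
```

The check covers the script file only; every directory on its path must also be writable by root alone.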


