From: John Jolet (john.jolet@FXFN.COM)
Date: Wed Feb 25 2004 - 16:11:13 EST
as the comments say....be very careful with this sort of mechanism. make sure
you've exhausted your other options...have you tried sudo?
On Wednesday 25 February 2004 02:52 pm, you wrote:
> Here is an example of a setuid C program wrapper:
>
> /*
> C program wrapper so that scripts can be run suid root.
> !!!USE at your own risk!!!
> */
>
> #include <pwd.h>
> #include <sys/resource.h>
>
> main(argc, argv) int argc; char *argv[]; {
> struct passwd *pw = getpwnam("root");
> setpriority(PRIO_PROCESS, 0, -20);
> setuid(pw->pw_uid);
> execv("fullpath and name of your script here", argv);
> }
>
> On Wed, Feb 25, 2004 at 02:35:20PM -0600, John Jolet wrote:
> > if they can't read the script, how can the bash shell interpret it? the
> > only way to do this is with a setuid wrapper program. aix disallows
> > setuid shell scripts, so you'll most likely have to write it in c or
> > something.
> >
> > On Wednesday 25 February 2004 02:16 pm, you wrote:
> > > Hi *,
> > > I have a script which has a password stored in it, and i
> > > want some of the identified users to be able to execute this script,
> > > The user is unable to execute after setting the execute bit on the
> > > script, but once i give read permission also to that user, he is able
> > > to do execute. pl let me know is there any way where i can allow the
> > > other user to execute but still disable him to read the script.
> > >
> > > TIA
> > > Praveen.K
> > >
> > >
> > > *********************
> > > Internet communications are not necessarily secure and may be
> > > intercepted or changed after they are sent. cahoot does not accept
> > > liability for any such changes.
> > > If you wish to confirm the origin or content of this communication,
> > > please contact the sender using an alternative means of communication.
> > >
> > > This communication does not create or modify any contract.
> > >
> > > This email may contain confidential information intended solely for use
> > > by the addressee. If you are not the intended recipient of this
> > > communication you should destroy it without copying, disclosing or
> > > otherwise using its contents.
> > >
> > > Please notify the sender immediately of the error.
> > >
> > > cahoot is a division of Abbey National plc.
> > > Abbey National plc is registered in England, registered number 2294747.
> > > Registered Office: Abbey National House, 2 Triton Square, Regent's
> > > Place, London, NW1 3AN.
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:37 EDT