Eric, you can. chown root.system chmod u=rws,g=rx,o=rx As well as making the file owned by root, and turning SetUID on to mean the script runs as its owner, you also need to give other users execute permission on the file. Regarding running shells scripts as root, you could perhaps compile the shell script in to machine code with a few utilities available. Have a hunt on google and rpmfind. -------------------------- But the problem does draw attention that NOTHING should be run as root anyway in a system with appropriately fine grained access controls, which Linux's legacy RWXS is not. Why the hell does SSHd need to create devices? RWXS permissions are, in essence, shite. Hell, most Linux's screw up if you rename UID 0. That's pathetic. Mike Craig Van Degrift wrote: > Eric, > > I recall that running scripts with suid set is disallowed. A reference is > given in the O'Reilly "Learning the Bash Shell" book, 2nd Ed., page 255. > > "Modern system administration wisdom says that creating suid shell scripts is > a very, very bad idea. In fact, some versions of UNIX intentionally disable > the suid feature for shell scripts." > > Highly recommend the book. > > Craig Van Degrift > > On Friday 15 December 2000 09:01, you wrote: > > > > I've RTFM, and then read it again, I'm missing something OBVIOUS. > > > > I'm trying to build a simple script which executes one line, but it > > needs root permission. So, I built the one line script, did a chown > > root.system script ; chmod 6755 script. > > > > However it acts like the script is running still as the underprivileged > > user. > > > > Can I not allow a less powered user to run a command as root by using a > > script and the S bit? > > > > If so what am I missing!! > > > > Thanx > > > > Eric > > ---------------------------------------- > Content-Type: text/plain; charset="us-ascii"; name="message.footer" > Content-Transfer-Encoding: 8bit > Content-Description: > ---------------------------------------- > > ------------------------------------------------------------------------ > Keep in touch with http://mandrakeforum.com: > Subscribe the "[EMAIL PROTECTED]" mailing list. -- ------------------------------------------ Mike MacCana Support Consultant C Y B E R S O U R C E Level 9, 140 Queen St Melbourne 3000 Ph : +61 3 9642 5997 Fax: +61 3 9642 5998
Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
