Perhaps a better idea than a setuid shell script, would be to figure out just what it is about your script that really needs to be executed as root.

When write a C program that can do just that one thing - and absolutely nothing else.

If it takes any kind of input, or command line parameters, then it must validate them very carefully, to ensure that it's not being misused.

Then your script could call that C program whenever it needs that privileged operation performed.

Suppose you were to give the keys to your Lamborghini to a parking attendant.

Wouldn't you want to trust that he wasn't going to sell your Lamborghini to a chop shop?

Writing a setuid program is just like that: writing one poorly is like handing your race car keys to a car thief.

He might not steal your car today, but if you're not careful about how you hand out your trust, he will someday.

Michael David Crawford - We Don't Assume You Are Stupid.

      Xen-Powered Virtual Private Servers:
_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to