Wade Brown wrote:

I thought Linux wouldn't allow suid shell scripts to work as suid. The reasoning is a shell script doesn't quite execute, it gets
interpreted by the command on the first line.  Just as a test I made a
simple script modded root.root 4755 that consists of the /bin/bash
line, and cat /etc/shadow.  Root can run just fine obviously, but
permissions don't exist for other users to do that.


Works fine on my machine. /opt/vmware/lib/vmware/bin/vmware-vmx is a setuid shell script that I wrote to start up vmware with the wrapper library to get vmware to work with arts. Also my permissions on that file are 4711, so maybe there is something special about the global read bit? Or possibly dependent upon what LSM modules you have loaded/enabled?

What may work a little better is either chmod s+x `which shutdown`, or
writing a C wrapper and modding that s+x.

I agree that the C wrapper is definitely the most secure option.

-Richard

--
gentoo-user@gentoo.org mailing list
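
A sketch of the C wrapper option discussed in this thread, added here as an example and not code from either poster. The `/sbin/shutdown` path, the `halt`/`reboot` action names and the helper `select_argv` are assumptions for illustration; the wrapper accepts only a fixed action name, then executes a fixed path with fixed arguments and a fixed environment, so nothing the caller controls reaches a shell.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed location; confirm with `which shutdown` on the target system. */
#define SHUTDOWN_PATH "/sbin/shutdown"

/* Fixed argument vectors: the caller picks a name, never supplies arguments. */
static char *const HALT_ARGV[]   = { "shutdown", "-h", "now", NULL };
static char *const REBOOT_ARGV[] = { "shutdown", "-r", "now", NULL };

/* Fixed environment, so inherited PATH, IFS, LD_* etc. never reach the target. */
static char *const CLEAN_ENV[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };

/* Hypothetical helper: map an action name to a fixed argv; NULL means refuse. */
char *const *select_argv(const char *action)
{
    if (action == NULL) return NULL;
    if (strcmp(action, "halt") == 0) return HALT_ARGV;
    if (strcmp(action, "reboot") == 0) return REBOOT_ARGV;
    return NULL;
}

int main(int argc, char **argv)
{
    char *const *target = (argc == 2) ? select_argv(argv[1]) : NULL;
    if (target == NULL) {
        fprintf(stderr, "usage: %s halt|reboot\n", argc > 0 ? argv[0] : "wrapper");
        return 2;
    }
    /* Only useful when installed root-owned with the setuid bit (e.g. mode 4711). */
    if (geteuid() != 0) {
        fprintf(stderr, "not running with euid 0; is the binary setuid root?\n");
        return 1;
    }
    /* Set the real uid too, so the target does not see a uid/euid mismatch. */
    if (setuid(0) != 0) { perror("setuid"); return 1; }
    /* Absolute path, fixed argv, fixed environment: no shell, no PATH search. */
    execve(SHUTDOWN_PATH, target, CLEAN_ENV);
    perror("execve");   /* reached only if execve failed */
    return 1;
}
```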
