On Tue, Jan 07, 2003 at 05:32:08PM -0800, Todd A. Jacobs wrote:
> On Tue, 7 Jan 2003, Burke, Thomas G. wrote:
> 
> > I have some shell script (belonging to root). I would like it to be
> > executable by every user but I don't want it to be readable by other
> > users.
> 
> Can't be done directly. A shell script *must* be readable (and *can* be
> executable), since it's interpreted by the shell.
> 
> If you absolutely must do this, though, you can create a wrapper script
> that's SUID to an account with permissions to run the "secret" script, but
> SUID scripts harbor their own dangers.

There is a problem with this, see the man page: "man 2 execve"
Near the end of the page is the following (in the Notes section):
  "Linux ignores the SUID and SGID bits on scripts."

This means you cannot create a script-based SUID wrapper.  It can still be 
done with a very small C program.  An example of one was posted to this list
earlier today under this same topic.

-- 
Jeff Kinz, Emergent Research,  Hudson, MA.  "[EMAIL PROTECTED]" 
"[EMAIL PROTECTED]" copyright 2002.  Use is restricted. Any use is an 
acceptance of the offer at http://users.rcn.com/jkinz/policy.html.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
