> -----Original Message----- > Thanks John; this is promising! > > One thing that I am having trouble with is the permissions. I > set them up as above, with the group = to the user's group. > The file permissions are: > -rws--x--x 1 root cubs > The basic code is: > >CT PROS-BP SJF.TEST.SH > > SJF.TEST.SH > 0001 EXECUTE 'SH -c "test.sh ':@logname:'"' > > The output is: > >run PROS-BP SJF.TEST.SH > /bin/sh: /u1/dbms/TCR/test.sh: 0403-016 Cannot find or open the file. > > I need to give 'r'ead access to the 'cubs' group for this to work. > However, if I run the script from UNIX with the permissions > set as John suggested it works fine. I would prefer not to > give users the ability to read the file. It looks like the > basic code needs to read the file before it can execute it. > > What is it about calling the program from basic, that > requires 'r'ead access for the group, but from unix it is okay? > > Thanks, > Steve
I can't explain that. "SH -c" should just spawn a new shell process. It won't really hurt anything to give read permissions to group though. It just makes the script a little more secure if non-priviledged users can't see its contents, but most likely your users can't get access to a unix shell prompt anyway. You might also try adding read permissions to group and changing the group to root (or whatever the AIX admin group is): -rwsr-x--x 1 root root That's a more common setup for executables. -John ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
