[CLUG-tech] Freebsd - Execute as Root

Hendrik Visage hvjunk at gmail.com
Thu Feb 9 12:49:47 SAST 2006


On 2/9/06, Jonathan Hitchcock <vhata-clug at rucus.ru.ac.za> wrote:
> Jonathan Hitchcock wrote:
> > Sudo can be configured not to ask for a password, if you so wish.  It's
> > all in the sudoers man page.
>
> If you don't want to, or can't, install sudo, then it's time to go
> old-skool ;-)
>
> Scripts can't be suid, because they're interpreted

BEEEPPP!!!! Wrong :)

Actually ksh, sh (as in Bourne) and I recall csh have an option to
be included in the #! line to make them accept the SUID
bit of the script and handle it accordingly.

> - a bash script is
> just input for the bash interpreter,

true, but not quite

> which is not suid, regardless of
> whether the bash script is.

Actually not. The script's SUID status is set by the kernel (or at
least in decent kernels like Solaris) for that process and then the
#! interpreter is exec'd with the script as input etc.


>  Perl used to get around this with suidperl
> - it would detect whether the perl script was marked as suid, and if it
> was, it would suid itself.  Helluva insecure.

Yeah, but perl had lots of insecure stuff in it that could be abused
and that's why it takes "extra" precautions with the tainted stuff etc.

> The trick to running suid scripts is to make a C program which simply
> does an exec() call on your script.

One method I have used before I noticed the shell command line
switches allowing SUID shell scripts.

From zsh's info page (and pdksh also has this -p option):
PRIVILEGED (-p, ksh: -p)
     Turn on privileged mode. This is enabled automatically on startup
     if the effective user (group) ID is not equal to the real user
     (group) ID.  Turning this option off causes the effective user and
     group IDs to be set to the real user and group IDs. This option
     disables sourcing user startup files.  If zsh is invoked as `sh'
     or `ksh' with this option set, /etc/suid_profile is sourced (after
     /etc/profile on interactive shells). Sourcing ~/.profile is
     disabled and the contents of the ENV variable is ignored. This
     option cannot be changed using the -m option of setopt and
     unsetopt, and changing it inside a function always changes it
     globally regardless of the LOCAL_OPTIONS option.


--
Hendrik Visage

