[CLUG-tech] Freebsd - Execute as Root
hvjunk at gmail.com
Thu Feb 9 12:49:47 SAST 2006
On 2/9/06, Jonathan Hitchcock <vhata-clug at rucus.ru.ac.za> wrote:
> Jonathan Hitchcock wrote:
> > Sudo can be configured not to ask for a password, if you so wish. It's
> > all in the sudoers man page.
> If you don't want to, or can't, install sudo, then it's time to go
> old-skool ;-)
> Scripts can't be suid, because they're interpreted
BEEEPPP!!!! Wrong :)
Actually ksh, sh (as in Bourne) and I recall csh have an option to
be included in the #! line to make them accept the SUID
bit of the script and handle it accordingly.
> - a bash script is
> just input for the bash interpreter,
true, but not quite
> which is not suid, regardless of
> whether the bash script is.
Actually not. The script's SUID status is set by the kernel (or at
least in decent kernels like Solaris) for that process, and then the
#! interpreter is exec'd with the script as input, etc.
> Perl used to get around this with suidperl
> - it would detect whether the perl script was marked as suid, and if it
> was, it would suid itself. Helluva insecure.
Yeah, but perl had lots of insecure stuff in it that could be abused
and that's why it takes "extra" precautions with the tainted stuff etc.
> The trick to running suid scripts is to make a C program which simply
> does an exec() call on your script.
One method I have used before I noticed the shell command line
switches allowing SUID shell scripts.
From zsh's info page (and pdksh also has this -p option):
PRIVILEGED (-p, ksh: -p)
Turn on privileged mode. This is enabled automatically on startup
if the effective user (group) ID is not equal to the real user
(group) ID. Turning this option off causes the effective user and
group IDs to be set to the real user and group IDs. This option
disables sourcing user startup files. If zsh is invoked as `sh'
or `ksh' with this option set, /etc/suid_profile is sourced (after
/etc/profile on interactive shells). Sourcing ~/.profile is
disabled and the contents of the ENV variable is ignored. This
option cannot be changed using the -m option of setopt and
unsetopt, and changing it inside a function always changes it
globally regardless of the LOCAL_OPTIONS option.
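
An added example, not part of the original post: a small audit that lists set-uid/set-gid files which are "#!" scripts, showing the interpreter and whether the -p switch from the zsh excerpt above is on the "#!" line. The function names and output layout are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find set-uid / set-gid "#!" scripts
# and report their interpreter and whether it is started with -p.

# shebang_of FILE: print the text after "#!" on line 1; fail if not a script.
shebang_of() {
    # Look at two bytes first so binaries are never read into a variable.
    magic=$(dd if="$1" bs=1 count=2 2>/dev/null) || return 1
    [ "$magic" = '#!' ] || return 1
    line=$(head -n 1 -- "$1" | tr -d '\r')
    line=${line#'#!'}
    # Drop the optional blanks between "#!" and the interpreter path.
    printf '%s\n' "${line#"${line%%[![:space:]]*}"}"
}

# audit_suid_scripts DIR...: one TAB-separated line per finding:
#   mode  interpreter  priv=yes|no  path
audit_suid_scripts() {
    # Caveat: paths containing newlines are not handled by this read loop.
    find "$@" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        sb=$(shebang_of "$f") || continue      # skip compiled binaries
        interp=${sb%%[[:space:]]*}
        args=${sb#"$interp"}
        args=${args#"${args%%[![:space:]]*}"}
        # -p is the privileged-mode switch quoted above for zsh, ksh and pdksh.
        case " $args " in
            *" -p "*) priv=yes ;;
            *)        priv=no ;;
        esac
        mode=$(ls -ld -- "$f" | awk '{print $1; exit}')
        printf '%s\t%s\tpriv=%s\t%s\n' "$mode" "$interp" "$priv" "$f"
    done
}

# Stand-alone use: sh audit.sh /usr/local/bin /opt
if [ "$#" -gt 0 ]; then
    audit_suid_scripts "$@"
fi
```

Each line it prints is a script whose set-uid handling depends on the kernel and shell behaviour debated in this thread, so each one is worth reviewing by hand.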