[CLUG-tech] Freebsd - Execute as Root
vhata-clug at rucus.ru.ac.za
Thu Feb 9 13:06:29 SAST 2006
Hendrik Visage wrote:
>> Scripts can't be suid, because they're interpreted
> BEEEPPP!!!! Wrong :)
No, I was right. A script is just a text file that is given as input to
an interpreter. There may be interpreters that examine their input
files, detect that they have the suid bit set, and run them with root
privileges if they do. But these interpreters will also have to be
suid, obviously. Therefore, the suidness is in the interpreter, not in
the script. The suid bit on the script is just a flag, and could just
as well be the line "RUNASROOT=yes" on the fourth line of the script.
Think about it. Say I am logged in as rodney, a normal user, and I have
the following files on my machine:
$ ls -l /bin/bash /home/rodney/foo.sh
-rwxr-xr-x 1 root 686520 May 10 2005 /bin/bash
-rwsr-sr-x 1 root 162 Nov 17 14:13 /home/rodney/foo.sh
They're both owned by root, and foo.sh has the suid bit set. But 'bash'
is the thing that actually runs. I am running it as 'rodney', not as
'root'. How am I suddenly going to get root priveleges, when I'm just
plain old rodney?
More information about the Clug-tech