SUID more explanation needed
I'm trying to understand SUID functionality.
So what I am trying is to create script.sh, which modifies, let's say, file a.txt. The script.sh is owned by a specific user, let's say test1, and group test1. File a.txt also has the same user and group. Now I do not allow other users to write to file a.txt; however, I set rws------ on script.sh (SUID is set). File a.txt has permissions rwxr--r--. Now when I execute script.sh as user test2 I get a permission error on a.txt. I understood that execution of script.sh is fired from user test2 but as if it was run by user test1, who actually has write permissions to the a.txt file. I must be understanding it wrongly. I understood that user test2 can't modify the a.txt file directly, but by using script.sh may change it accordingly if script.sh requires it. |
Quote:
Best would be for you to post the actual command run and the result you got, in code tags. Also the actual result of the ls -l command on the script and the text file. If
Code:
-rws------ test1 test1 Sep 7 10:10 script.sh
Code:
-rwsr--r-- test1 test1 Sep 7 10:10 script.sh |
SUID doesn't work with scripts. A discussion of the problem with possible solutions or alternatives is at https://unix.stackexchange.com/quest...-shell-scripts.
|
Perhaps a more correct thing to allow other users to access a script and support files would be to make them 755 permissions and place them in /usr/bin, /usr/sbin, /usr/local/bin, or /usr/local/sbin.
|
suid means it is executed as the owner of the file and not the user who executes it
if the user can't execute it.. well |
Quote:
So only internal (built-in) commands of the shell run as user1. That's why suid for a script mostly isn't all that useful, the applications that do the actual work have to be suid too (or run through sudo, but then you don't need the suid at all). |
Quote:
M. |
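Added example, not part of any post in this thread: a small shell check that reports the three things the replies turn on, namely whether the setuid bit is set, whether the file is a `#!` script (where Linux ignores the bit), and whether users other than the owner and group may execute it. The function name `suid_diagnose` and the sample file are constructed for illustration, and test2 is assumed to fall under the "other" permission class.

```shell
#!/bin/sh
# Added example, not from the thread. suid_diagnose is a hypothetical helper.
# Prints three words about FILE:
#   setuid|no-setuid          is the setuid bit set?
#   script|not-script         does it start with "#!"? Linux ignores the
#                             setuid bit when it runs such a file through
#                             an interpreter.
#   other-exec|other-noexec   may users who are neither the owner nor in
#                             the group execute it? (test2 assumed "other")
suid_diagnose() {
    f=$1
    [ -f "$f" ] || { echo "not-a-regular-file"; return 2; }

    if [ -u "$f" ]; then out="setuid"; else out="no-setuid"; fi

    # Read only the first two bytes to look for the interpreter marker.
    if [ "$(dd if="$f" bs=2 count=1 2>/dev/null)" = '#!' ]; then
        out="$out script"
    else
        out="$out not-script"
    fi

    # find prints the path only if the "other execute" bit (0001) is set.
    if [ -n "$(find "$f" -prune -perm -0001)" ]; then
        out="$out other-exec"
    else
        out="$out other-noexec"
    fi
    echo "$out"
}

# Constructed sample reproducing the two modes shown in the thread.
demo() {
    dir=$(mktemp -d) || return 1
    # Write the content first: writing to a file can clear its setuid bit.
    printf '#!/bin/sh\necho changed >> a.txt\n' > "$dir/script.sh"
    chmod 4700 "$dir/script.sh"    # -rws------
    echo "4700: $(suid_diagnose "$dir/script.sh")"
    chmod 4744 "$dir/script.sh"    # -rwsr--r--
    echo "4744: $(suid_diagnose "$dir/script.sh")"
    rm -rf "$dir"
}
demo
```

Both modes from the thread report `setuid script other-noexec`: the bit is present, but test2 has no execute permission, and on Linux a `#!` script would still run as the calling user even if it did.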