Calling a script from a setuid root C program - script does not run as root

前端未结

关注

 5  823

佛祖请我去吃肉 2020-11-29 02:14

I need to run a bash script as root (passwordless sudo or su not viable) and since you cannot setuid a script in Linux, I thought about calling it from an executable and mak

5条回答

刺人心 (楼主)

2020-11-29 03:02
Another thing to note here is that the limitation here is from bash and not the *nix system itself. Bash actually make verifications on SUID scripts to only execute them with EUID root. If you take older shells, you will often get what you wanted out of the box. For example, sh doesn't make this kind of verifications:
```
$ cat wrapper.c
int main(void)
{
            system("/bin/sh -c whoami");
}

$ ls -l wrapper
-rwsr-sr-x 1 root users 8887 Feb 17 14:15 wrapper
$ ./wrapper
root
```
With bash:
```
$ cat wrapper.c
int main(void)
{
            system("/bin/bash -c whoami");
}

$ ls -l wrapper
-rwsr-sr-x 1 root users 8887 Feb 17 14:18 wrapper
$ ./wrapper
skinp
```
Still, Tom's answer is generally the way to go for making a wrapper for SUID root programs
0 讨论(0)

查看其它5个回答
发布评论:

提交评论
- 加载中...