发表新帖
发表新帖

Setuid bit on python script : Linux vs Solaris

后端 未结
关注
3 1609
余生分开走
余生分开走 2020-12-03 14:44

I am running this small python script on both linux and Solaris as a not privileged user :

#!/usr/bin/python
import os
print \'uid,euid =\',
3条回答
  • 半阙折子戏
    半阙折子戏 (楼主)
    2020-12-03 15:24

    Most Unix distributions normally don't allow you to use setuid on a file that uses a #! interpreter. Solaris happens to be one that allows it due to its use of a more secure implementation than most other distributions.

    See this FAQ entry for more background about why the mechanism is so dangerous: How can I get setuid shell scripts to work?

    See this link for more discussion and how to compile a setuid executable that will run your script: setuid on shell scripts

    The pertinent part:

    int main()
{
   setuid( 0 );
   system( "/path/to/script.sh" );

   return 0;
}

    0 讨论(0)
 看不清?
提交回复
热议问题