Professional Web Applications Themes

set-uid bit: where am I going wrong? - FreeBSD

I'm trying to use a script I wrote to copy files from one directory to another (as part of my backup regime). Unfortunately, because they are in my webserver directory, some of the files don't belong to the user that I run the script as (via cron). I can run the script with sudo, so I know that it's a permission problem. My initial thought is that I can use the set-uid bit and chown the script to root, but this still balks. Here is the relevant output of ls -l. -rwsr-xr-x 1 root admin 283 Nov 23 15:58 buprep.yuri ...

  1. #1

    Default set-uid bit: where am I going wrong?

    I'm trying to use a script I wrote to copy files from one directory to another (as part of my backup regime). Unfortunately, because they are in my webserver directory, some of the files don't belong to the user that I run the script as (via cron). I can run the script with sudo, so I know that it's a permission problem.

    My initial thought is that I can use the set-uid bit and chown the script to root, but this still balks. Here is the relevant output of ls -l.

    -rwsr-xr-x 1 root admin 283 Nov 23 15:58 buprep.yuri

    Clearly the file is owned by root, and I kept it as part of my group. I've read the man pages, and believe that when I call the script, it will assume root's permissions. It doesn't, so where am I going wrong?

    Thanks,
    Tim
    --
    com
    Tim Guest

  2. #2

    Default Re: set-uid bit: where am I going wrong?

    On Apr 11, 2005 2:51 PM, Tim Stephens <com> wrote:
     

    FreeBSD does not support setuid scripts. They are inherently insecure.
    You have some options though to your problem. You could run the script
    directly as root, which is what you are trying to do. Or you could
    write a wrapper round your script, which may seem like overkill.

    Given that you trust your script enough to try to run it setuid, I
    would go for the first option. Make sure the script cannot be altered
    by anyone other than root, then run it as root.
     

    Frem.
    Freminlins Guest

  3. #3

    Default Re: set-uid bit: where am I going wrong?

    Tim Stephens <com> writes:
     

    The kernel ignores the setuid bit on interpreted files, for security
    reasons.
    Lowell Guest

Similar Threads

  1. something wrong..
    By Ulitasch in forum Macromedia Flash Data Integration
    Replies: 1
    Last Post: May 18th, 01:51 PM
  2. What am I doing wrong?
    By Ant in forum PHP Development
    Replies: 6
    Last Post: June 20th, 01:16 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139