Prev: Where is the document for /dev/fd/0?
Next: Removing pwd directory and su and cd .. issue
From: Luis P. Mendes on 9 Jun 2010 06:41
Hi all,

In this directory, there's the following permissions:
$ ll -d scripts/
drwxr-xr-x 3 lp users 4096 2010-06-08 23:10 scripts/

In scripts directory, there's the 'xx.sh' script (just performs ll on
directory)
scripts$ ll xx.sh
-rwsrwx--x 1 root root 6 2010-06-08 16:23 xx.sh

The partition where this directory is resides is mounted as defaults,
therefore with suid permission.

Since the suid bit in 'xx.sh' is set, why do I get:
scripts$ ./xx.sh
bash: ./xx.sh: Permission denied
when I try to run it with my 'lp' user?

I'm using Slackware Linux 13.0 64bits and
bash --version
GNU bash, version 3.1.17(2)-release (x86_64-slackware-linux-gnu)

Luis
From: pk on 9 Jun 2010 06:45
Luis P. Mendes wrote:

> Hi all,
>
> In this directory, there's the following permissions:
> $ ll -d scripts/
> drwxr-xr-x 3 lp users 4096 2010-06-08 23:10 scripts/
>
> In scripts directory, there's the 'xx.sh' script (just performs ll on
> directory)
> scripts$ ll xx.sh
> -rwsrwx--x 1 root root 6 2010-06-08 16:23 xx.sh
>
> The partition where this directory is resides is mounted as defaults,
> therefore with suid permission.
>
> Since the suid bit in 'xx.sh' is set, why do I get:
> scripts$ ./xx.sh
> bash: ./xx.sh: Permission denied
> when I try to run it with my 'lp' user?
>
> I'm using Slackware Linux 13.0 64bits and
> bash --version
> GNU bash, version 3.1.17(2)-release (x86_64-slackware-linux-gnu)

In Linux (and probably other systems), SUID is ignored on scripts.
If you *really* want that, you can write a binary wrapper to the script.
From: Luis P. Mendes on 9 Jun 2010 07:24
Wed, 09 Jun 2010 11:45:20 +0100, pk escreveu:

> Luis P. Mendes wrote:
>
>> Hi all,
>>
>> In this directory, there's the following permissions: $ ll -d scripts/
>> drwxr-xr-x 3 lp users 4096 2010-06-08 23:10 scripts/
>>
>> In scripts directory, there's the 'xx.sh' script (just performs ll on
>> directory)
>> scripts$ ll xx.sh
>> -rwsrwx--x 1 root root 6 2010-06-08 16:23 xx.sh
>>
>> The partition where this directory is resides is mounted as defaults,
>> therefore with suid permission.
>>
>> Since the suid bit in 'xx.sh' is set, why do I get: scripts$ ./xx.sh
>> bash: ./xx.sh: Permission denied
>> when I try to run it with my 'lp' user?
>>
>> I'm using Slackware Linux 13.0 64bits and bash --version
>> GNU bash, version 3.1.17(2)-release (x86_64-slackware-linux-gnu)
>
> In Linux (and probably other systems), SUID is ignored on scripts. If
> you *really* want that, you can write a binary wrapper to the script.

thank you pk.
For what I've read, I guess this is about 'race condition' when running
scripts.

Luis
From: Sven Mascheck on 9 Jun 2010 09:30
pk <pk(a)pk.invalid> wrote:
> Luis P. Mendes wrote:

>> -rwsrwx--x 1 root root 6 2010-06-08 16:23 xx.sh
>>
>> scripts$ ./xx.sh
>> bash: ./xx.sh: Permission denied

> In Linux (and probably other systems), SUID is ignored on scripts.

Doesn't the above indicate missing exec permissions,
instead of missing suid permissions?
From: Kenny McCormack on 9 Jun 2010 09:54
In article <huo51gU5atL1(a)news.in-ulm.de>,
Sven Mascheck <mascheck(a)email.invalid> wrote:
>pk <pk(a)pk.invalid> wrote:
>> Luis P. Mendes wrote:
>
>>> -rwsrwx--x 1 root root 6 2010-06-08 16:23 xx.sh
>>>
>>> scripts$ ./xx.sh
>>> bash: ./xx.sh: Permission denied
>
>> In Linux (and probably other systems), SUID is ignored on scripts.
>
>Doesn't the above indicate missing exec permissions,
>instead of missing suid permissions?

Then there's the fact that [shell] scripts require not only exec perms,
but also read perms - since the shell has to be able to open the file
and read it (Nitpickers note: This is true for all scripts, but just
shell scripts - hence the [] above).

See:

(/tmp/fred starts with #!/bin/bash)
$ chmod 111 /tmp/fred
$ /tmp/fred
/bin/bash: /tmp/fred: Permission denied
$

Note, incidentally, that if you use #!/bin/sh instead of #!/bin/bash (on
this Linux system, anyway), the error message is different:

/bin/sh: Can't open /tmp/fred

--
> No, I haven't, that's why I'm asking questions. If you won't help me,
> why don't you just go find your lost manhood elsewhere.

CLC in a nutshell.

 |  Next  |  Last
Pages: 1 2 3
Prev: Where is the document for /dev/fd/0?
Next: Removing pwd directory and su and cd .. issue