| Title: | ase |
| Moderator: | SMURF::GROSSO |
| Created: | Thu Jul 29 1993 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 2114 |
| Total number of notes: | 7347 |
Problem at Reuters. UNIX 4.0b ASE 1.4 They want to run "asemgr -m foo" from an application monitoring script under some circumstances to relocate services. The script is owned by the account-id under which the applications run. Even if their script has root suid set, it fails. [seems to be trying to recreate a file in /etc] Is it possible to run asemgr from non-root accounts ?? Sorry if this was discussed already, I looked but could not find..... Regards, Euan [Posted by WWW Notes gateway]
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 1954.1 | No suid on shell scripts | BACHUS::DEVOS | Manu Devos DEC/SI Brussels 856-7539 | Fri Mar 21 1997 07:36 | 7 |
Hi,
The SUID bit is NOT acting on script. You should try to place it on the
asemgr program.
Regards, Manu.
| |||||
| 1954.2 | Watch out! | namix.fno.dec.com::jpt | FIS and Chips | Fri Mar 21 1997 08:12 | 17 |
> The SUID bit is NOT acting on script. You should try to place it on the > asemgr program. NO! You should NOT put SUID to asemgr prorgram, as there are several VERY potential security holes you create this way! Only way I might use after carefully studying its implications would be creating "jacket program" with SUID Perl,Tcl or C which would for example ask password to "operator account" or checking user's ID other way before accepting running asemgr as SUID. Be VERY careful creating SUID programs! Latest example is the very serious security hole with "dop"... -jari | |||||