Instruction manual

ManualsBrandsVax ManualsHousehold Appliances613 0S

MDP

APPLICATIONS

Issue 3 - Vol 2

USER

GROUP

NEWS

SET

USER

ID

ON

EXECUTION

There

has been some confusion

about

the

file

protection

attributes

and

the

use

of

set

user id on execution.

This

apnote

should help clear up any confusion

and

provides

an

example

to

work from which can be

adapted

for

your

applications.

There

are times when you would like

to

allow users to execute an application program,

but

not

let

them

read

the

actual file.

There

may

be sensitive information in

the

program

that

you

don't

want

them

to

see,

but

you

still

want

them

to

be able to execute the file.

Your

first

thought

might

be

to

chmod

the

file

to

711

(-rwx--x--x)

and

chown

to

root.

This

appears

to

permit

execution by anyone,

but

only

the

owner (root in

this

case) to

read

or

write

the

file.

If

you

set up a shell

script

in

this

fashion,

"others"

will get a -sh

error

message

stating:

cannot

open.

This

is

because

they

don't

have read access

to

the file. A second

attempt

might

be to chmod

the

file

to

4711 (-rws--x--x) to

set

the

user id to root privileges upon execution

(documented

under

"man

chmod"). Again,

you will find this

doesn't

work.

\Vhat

is

not

clear in

the

documentation

is

that

the

set

user id

bit

applies only on

executable

binary

files,

not

shell scripts.

Fortunately,

there

is

an easy way

to

allow

protection

of

a shell

script

application. All you need to do

is

create a

short

C

program

which calls

the

shell

script

for execution.

Consider

the

following example:

Our

shell

script

application program will be

called"

script"

and

consists

of

the

following:

:

script

- sensitive info

:

We

may

have some sensitive

data

in here

that

we

don't

:

want

anyone

to

see,

either

in

comments

or

in

the

actual

: commands.

For

this

example,

just

a simple

command

string:

Is

jusrjbin

I

wc

-I

To

try

this example, create (as superuser)

the

"script"

file

in

jusrjbin

and

"chmod

700

script".

Next,

"chown

root script" .

This

makes

the

file

unreadable

by anyone except

the

owner, root.

Now

we

need to create a C program which will execute

this

program

with

root

privileges.

Edit

the

following file

in

jusr

jbin

and

call it

"countem.c":

main() {countem.

c}

{

system{"

jusr/bin/script");

}

Compile

this

program

with:

cc

countem.c

-0

countem.

Now

set

the

file

attributes

with"

chmod 4711

countem"

and

"chown

root

countem".

This allows all users "execute"

status

for

the

"countem"

command

with

root

privileges upon execution.

Test

by

entering"

countem".

This

will

be executable by anyone, however no

one

(except root) can look

at

the

"script"

file

to

see

what

it

contains.

To

summarize, you

cannot

simply set execute (--x) privileges on a shell script,

the

user

must

also be able

to

~ead

the

file

in

order

to

execute it.

The

setuserid (chmod 4XXX)

is

not

meant

to

work on shell scripts, only

executable

binary files. Lastly, it is possible to setuserid on a shell

script

by

calling

the

script

from a C

program

which

has

the

appropriate

permission

attributes

setup

as

outlined

above.

Greg

Saville, Software Applications

Manager

24

TEKTRONIX

December 1983