Solved

URGENT - Making SUID program to restart sendmail

Posted on 1997-08-08
6
194 Views
Last Modified: 2012-05-04
Hi there....

I am trying to make a program that can restart sendmail but I need it accessible from any user.
So any user can restart sendmail.

I have a script that is this:

sh -c 'set `cat /var/run/sendmail.pid`; kill $1; shift; eval "$@"'

But it only works if invoked from user root.
How do I make it suid so anyone can run it?

Thank you so mucj

0
Comment
Question by:pamsam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:n0thing
ID: 2006634
Hi,

   To make it SUID ... just do a "chmod 4755" on it. However SUID
shell scripts is a security hole, in your case it could be exploited and users might gain root access. You oculd re-code
it either in C, perl or perhaps using sudoers.

Best regards,
Minh Lai
0
 

Author Comment

by:pamsam
ID: 2006635
It didn't work..
I know why though, I need to change the real user ID not just the effective user id.

I can do this in perl by changing the $< variable but for some reason I can only have one exec statement in my script.


0
 
LVL 4

Accepted Solution

by:
jlms earned 200 total points
ID: 2006636
Recent UNIXes don't allow SUID of shell scripts, you need the sudo program or to make a C program that does what you need.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:hotlava
ID: 2006637
Get hold of a program called "sudo" or "super".  not only will
this solve your above problem, it will give you fine grained control over root privileges.

Gary
0
 

Author Comment

by:pamsam
ID: 2006638
Hi.

I worked it out myslef but thanks for trying....


0
 

Author Comment

by:pamsam
ID: 2006639
Hi.

I worked it out myslef but thanks for trying....


0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
unix scripting question 1 120
Sed question 2 139
how to write and save a unix script 12 39
grep command usage 10 33
When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question