[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

file permission

Posted on 1998-08-24
12
Medium Priority
?
326 Views
Last Modified: 2013-12-27
I need to share a program (csh script) with other members of my group in a unix system (solaris).  Is there any way I could share without showing the source code?  I tried to make my HOME with permission 711 and the the program 711 as well.  But it doesn't seem working, "permission denied".  Any help will be appreciated.
0
Comment
Question by:roylam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +4
12 Comments
 
LVL 10

Expert Comment

by:rbr
ID: 2006752
Try 755 at your HOME
0
 

Author Comment

by:roylam
ID: 2006753
I tried a few combinations of the permissions, and sofar only this work:
1) HOME 711 and file 755
2) HOME 755 and file 755 <- obvious after trying (1)

This, however, isn't what I intended, I don't want others have read access to my file -- just execution permission, ie file 711.

I have seen a program with permission somewhat like 711 but in the actual listing, ie ls -al, it has -rws--x--x
and the directory it belongs to is 755.  In this case, everyone can execute the program.  Any idea?

0
 
LVL 2

Expert Comment

by:JYoungman
ID: 2006754
the file you are talking about is a setuid program.  You can't make scripts like this because the shell needs to be able to read the script in order to execute it, and also because many kernels do not let you make scripts setuid for security reasons.

Write a setuid (to your ID) wrapper in C and have the wrapper
close fd 0, and open the script O_RDONLY.   It should then call setuid(getuid()) to give away its sewtuid privs (don't forget to check for errors!).  It should then execv() /bin/csh with its complete argument string intact.

You can then "chmod go=" your csh script.

If you wanted to use stdin in the csh script, you will have to dup2(0, 4) in the C program, and replumb it with exec in a sh script, but IIRC csh doesn't support exec replumbing so you'd have to do that in a /bin/sh script and exec AGAIN to run the csh script.

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 2006755
Scripts in UNIX must at least have permission rx for those users
who should execute them. The se permissions even must be on the
directory containing the script. So you can't hide the text, no
way arround this.

The only solution executing a script without being read directly
by the user: sse JYoungman comment above.
0
 
LVL 2

Expert Comment

by:kellyjj
ID: 2006756
I do think Youngman is correct.  If they don't have read permision then they can't execute.
0
 
LVL 5

Expert Comment

by:bchew
ID: 2006757
Some shells DO allow setuid, though.  You can try chmod 4511 <yourscript>.  It works on my old ULTRIX system!
0
 

Author Comment

by:roylam
ID: 2006758
Thanks for all yours responses.

JYoungman's sounds good but also too technical.  So could you please give me a example.  The program I wrote basically dealing with awk, grep and cat.
0
 
LVL 5

Expert Comment

by:bchew
ID: 2006759
roylam,
the permissions you describe (rws--x--x) are created by the chmod 4511 I described earlier.  Did you try that?
0
 
LVL 3

Accepted Solution

by:
elfie earned 300 total points
ID: 2006760
If users are not allowed to see what code is inside a script, we converted the scriipt into a C-program.
We used a program called "SHC" (shc-2.4a) to convert shell scripts into c-programs.

The latest version (3.0) can be found at

http://www.datsi.fi.upm.es/~frosal/frosal.html
0
 

Author Comment

by:roylam
ID: 2006761
The program shc is working!

but sometime thereis a little problem:
#: command not found
0
 
LVL 3

Expert Comment

by:elfie
ID: 2006762
Does that refer to a command that are executing in the script? if so, try to find out if the command is in the current path.
If it is not found, just extend the PATH with the correct directories.

If you are trying to execute a command inside the script with the dot command (.), it could be a problem. In that case you can try to include the other script in your executing script. (Change the . into a %include, and then you can use the C pre-processor to expand the script before using the shc program.
0
 

Author Comment

by:roylam
ID: 2006763
My csh script was working fine, but the compiled version sometimes produces strange output in addition to the normal output.  However, there is no problem at all after I changed the program into a sh script.

I think shc works better with sh script.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question