disallowing root to run a script
| cconnell_1@lycos.com 2005-06-29, 5:53 pm |
| Hello,
This may sound silly, but I have a script that should be run as another
user. And I don't want people logging into the box as root and running
it accidentally.
Is there a way to put permissions on a script so root cannot run it but
another user can? I have tried all combinations but root can always
still run it.
Thanks
| |
| Bit Twister 2005-06-29, 5:53 pm |
| On 29 Jun 2005 10:18:17 -0700, cconnell_1@lycos.com wrote:
> Hello,
> This may sound silly, but I have a script that should be run as another
> user. And I don't want people logging into the box as root and running
> it accidentally.
Put a test for user's real id and exit if root.
man id
| |
|
| Begin <1120065496.979573.268470@g49g2000cwa.googlegroups.com>
On 2005-06-29, cconnell_1@lycos.com <cconnell_1@lycos.com> wrote:
> Hello,
> This may sound silly, but I have a script that should be run as another
> user. And I don't want people logging into the box as root and running
> it accidentally.
People should not login as root unless they know what they can and cannot
do, and even then only with the utmost care. That is the first issue.
The second is that the actual check for effective uid is pretty
simple, but as root one can do anything, so one can override that
all pretty easily unless you code it in C and not a script.
> Is there a way to put permissions on a script so root cannot run it but
> another user can? I have tried all combinations but root can always
> still run it.
That's the point of being root, no?
--
j p d (at) d s b (dot) t u d e l f t (dot) n l .
| |
| stackheap 2005-06-30, 2:54 am |
| cconnell_1@lycos.com wrote:
> Hello,
> This may sound silly, but I have a script that should be run as another
> user. And I don't want people logging into the box as root and running
> it accidentally.
> Is there a way to put permissions on a script so root cannot run it but
> another user can? I have tried all combinations but root can always
> still run it.
>
> Thanks
>
Why not assign the permissions to that user only? Root can run it so you
don't have to worry about it.
chown username file.format
-stackheap
| |
| Mark Rafn 2005-06-30, 2:54 am |
| <cconnell_1@lycos.com> wrote:
>This may sound silly, but I have a script that should be run as another
>user.
Meaning set-uid? Or just that it should be run as any user but root?
>And I don't want people logging into the box as root and running
>it accidentally.
If you have people logging in as root and accidentally running things, you're
in for trouble.
>Is there a way to put permissions on a script so root cannot run it but
>another user can? I have tried all combinations but root can always
>still run it.
Put a check inside the script (see the "id" command) that makes it print an
error and exit if run by root.
--
Mark Rafn dagon@dagon.net <http://www.dagon.net/>
| |
| cconnell_1@lycos.com 2005-06-30, 2:54 am |
|
Mark Rafn wrote:
> <cconnell_1@lycos.com> wrote:
>
> Meaning set-uid? Or just that it should be run as any user but root?
>
>
> If you have people logging in as root and accidentally running things, you're
> in for trouble.
>
>
> Put a check inside the script (see the "id" command) that makes it print an
> error and exit if run by root.
> --
> Mark Rafn dagon@dagon.net <http://www.dagon.net/>
Thanks for the suggestions. I will look at modifying the script to
return the message if run as root and also to put a chown command in
there somewhere to set proper file ownership. On another note, with
setuid, I always thought it lets a user run a script with root
permissions as though root is running it, is there an opposite, i.e. if
root runs the script, then it will be executed as though the other user
runs it?
One of the problems is that when the script is run as root, it creates
files which are naturally owned by root, then deletes them. When the
script is run by the user it is supposed to be run as, there is a
permissions error when the script runs.
| |
| Bill Marcum 2005-06-30, 7:49 am |
| On 30 Jun 2005 01:02:14 -0700, cconnell_1@lycos.com
<cconnell_1@lycos.com> wrote:
>
>
> Thanks for the suggestions. I will look at modifying the script to
> return the message if run as root and also to put a chown command in
> there somewhere to set proper file ownership. On another note, with
> setuid, I always thought it lets a user run a script with root
> permissions as though root is running it, is there an opposite, i.e. if
> root runs the script, then it will be executed as though the other user
> runs it?
Setuid usually doesn't work with scripts, but a setuid program runs as
its owner, which is usually root.
--
Tonight you will pay the wages of sin; Don't forget to leave a tip.
| |
| Mark Rafn 2005-06-30, 6:02 pm |
| <cconnell_1@lycos.com> wrote:
>On another note, with setuid, I always thought it lets a user run a script
>with root permissions as though root is running it,
That's the most common use (except it doesn't work on most scripts, it works
only on binaries or scripts whose processor directly supports suid usage (perl
is the only common one I know that does this)).
However what it really does is to make the process run as if the owner of the
program had run it. That owner does not have to be root.
>root runs the script, then it will be executed as though the other user
>runs it?
Yup, if it's owned by "apache" and suid (and a program, not a shell script),
then it will execute as "apache" even if it's root who starts it.
>One of the problems is that when the script is run as root, it creates
>files which are naturally owned by root, then deletes them. When the
>script is run by the user it is supposed to be run as, there is a
>permissions error when the script runs.
One good way to handle this is to write the program such that it doesn't
matter who's running it. Create a unique temporary directory for tempfiles,
so multiple invocations won't step on each other. User-specific files go in
$HOME, so multiple users won't step on each other. Shared files should
be created with appropriate permissions so that it doesn't matter who owns them.
--
Mark Rafn dagon@dagon.net <http://www.dagon.net/>
| |
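The per-invocation scratch directory suggested above, as an added example that is not part of the thread; the `job.` prefix and the function names are assumptions, and the arguments in the demo are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Names and the "job." prefix are assumptions.

# Create a private scratch directory and print its path. mktemp -d chooses an
# unpredictable name and creates the directory with mode 0700, so it belongs
# to whoever runs this invocation and to nobody else.
make_workdir() {
    mktemp -d "${TMPDIR:-/tmp}/job.XXXXXX"
}

# Do one unit of work entirely inside its own scratch directory and print the
# result. Nothing is written to a fixed path, so files left behind by an
# earlier run under another account (root included) are never in the way.
run_job() {
    workdir=$(make_workdir) || return 1
    # Remove the scratch directory if the job is interrupted part-way.
    trap 'rm -rf -- "$workdir"; exit 1' HUP INT TERM
    printf '%s\n' "$@" > "$workdir/input"
    sort -u "$workdir/input" > "$workdir/sorted"
    result=$(wc -l < "$workdir/sorted" | tr -d ' ')
    rm -rf -- "$workdir"
    trap - HUP INT TERM
    printf '%s\n' "$result"
}

# Demo on constructed input: count the distinct arguments.
run_job alpha beta alpha
```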
| Knox@XPD8 2005-07-06, 5:53 pm |
| Simple enough-
Set this:
USERID=`who am i | cut -d" " -f1`
Then, this, at the head of your script(s).
if [ "$USERID" = "root" ]
then
    echo "\n"
    echo "You can not run this script as 'root'."
    echo "\n"
    # exit non-zero so a caller can see that the script refused to run
    exit 1
fi
| |
| Doug Freyburger 2005-07-07, 5:54 pm |
| Knox@XPD8 wrote:
>
> Simple enough-
>
> Set this:
> USERID=`who am i | cut -d" " -f1`
>
> Then, this, at the head of your script(s).
> if [ "$USERID" = "root" ]
> then
>     echo "\n"
>     echo "You can not run this script as 'root'."
>     echo "\n"
>     exit 1
> fi
Root is not always the only UID with 0. Better
to use "id -u", store that into a variable, and
compare numerically against 0.
Even more fancy, bracket in some code that
forbids interrupting out.
| |
| Knox@XPD8 2005-07-07, 5:54 pm |
| Good point, and thank you Doug. When I was just 'babbling' the code,
did not take into account that root is not always the 1st (or 0) user
id.
| |
| Chris F.A. Johnson 2005-07-07, 8:49 pm |
| On 2005-07-07, Doug Freyburger wrote:
> Knox@XPD8 wrote:
>
> Root is not always the only UID with 0. Better
> to use "id -u", store that into a variable, and
> compare numerically against 0.
Any user with UID == 0 is, to all intents and purposes, root.
The result of "id -u" will be the same for all of them (obviously,
it is going to be 0).
--
Chris F.A. Johnson <http://cfaj.freeshell.org>
==================================================================
Shell Scripting Recipes: A Problem-Solution Approach, 2005, Apress
<http://www.torfree.net/~chris/books/cfaj/ssr.html>
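The difference between the name test and the numeric test discussed in the last few posts, as an added example that is not part of the thread: the passwd entries are constructed, and the `toor` and `batch` accounts and all function names are assumptions. A real script would call `refuse_superuser "$(id -u)" || exit 1` near its top.

```shell
#!/bin/sh
# Added example, not from the thread. SAMPLE_PASSWD is constructed data:
# two accounts share UID 0, one ordinary account owns the job.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/sh
toor:x:0:0:alternate superuser:/root:/bin/sh
batch:x:1001:1001:job owner:/home/batch:/bin/sh'

# Print the numeric UID of login name $1 in passwd-format text $2.
uid_of() {
    printf '%s\n' "$2" | awk -F: -v n="$1" '$1 == n { print $3; exit }'
}

# Name-based test in the style posted above: only the literal name is refused.
name_check_refuses() {
    [ "$1" = "root" ]
}

# UID-based test: refuse any account whose UID is numerically 0.
uid_check_refuses() {
    case "$1" in
        ''|*[!0-9]*) return 0 ;;   # empty or non-numeric: fail closed
    esac
    [ "$1" -eq 0 ]
}

# Guard for the top of a script; pass it the output of "id -u".
refuse_superuser() {
    if uid_check_refuses "$1"; then
        echo "This script must not be run with UID 0." >&2
        return 1
    fi
    return 0
}

# Demo over the constructed accounts: show what each test decides.
for name in root toor batch; do
    uid=$(uid_of "$name" "$SAMPLE_PASSWD")
    if name_check_refuses "$name"; then by_name=refused; else by_name=allowed; fi
    if uid_check_refuses "$uid"; then by_uid=refused; else by_uid=allowed; fi
    printf '%-6s uid=%-5s name-test=%s uid-test=%s\n' \
        "$name" "$uid" "$by_name" "$by_uid"
done
```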