01-22-07 06:16 PM
Hello,
I was wondering how I am supposed to proceed if I had to call a shell
script and/or function inside C/C++ code.
As a shell script can't be setuid, I guess it could be possible, or at least
conceivable, to use a binary instead.
Assuming it does work for a simple script, would it be possible to
enclose a whole script in C code, and give the resulting binary the
appropriate set-uid permission?
One could object that it would be sufficient to run the script with the
required permission, but back in the context, I needed to find a
password-independent way to run some scripts, as the passwords on those
boxes were changed often. (Don't laugh at me, it's true...)
As I have time now, I was curious about experiencing the above.
Could it work?
Thanks
E.S
01-23-07 12:20 AM
On Mon, 22 Jan 2007 15:54:49 +0100, Lie-Algebra
<Lie-Algebra@Amitsur-Levitski.net> wrote:
> Hello,
>
> I was wondering how I am supposed to proceed if I had to call a shell
> script and/or function inside C/C++ code.

system() or popen()

> As a shell script can't be setuid, I guess it could be possible, or at least
> conceivable, to use a binary instead.

If the C code is setuid, the called shell script would inherit the real
and effective uids.

> Assuming it does work for a simple script, would it be possible to
> enclose a whole script in C code, and give the resulting binary the
> appropriate set-uid permission?
>
> One could object that it would be sufficient to run the script with the
> required permission, but back in the context, I needed to find a
> password-independent way to run some scripts, as the passwords on those
> boxes were changed often. (Don't laugh at me, it's true...)

Have you heard of sudo? Or ssh with public and private keys?
--
You never know what is enough until you know what is more than enough.
-- William Blake
01-23-07 06:26 AM
Lie-Algebra wrote:
> I was wondering how I am supposed to proceed if I had to call a shell
> script and/or function inside C/C++ code.
> As a shell script can't be setuid, I guess it could be possible, or at least
> conceivable, to use a binary instead.
> Assuming it does work for a simple script, would it be possible to
> enclose a whole script in C code, and give the resulting binary the
> appropriate set-uid permission?
> One could object that it would be sufficient to run the script with the
> required permission, but back in the context, I needed to find a
> password-independent way to run some scripts, as the passwords on those
> boxes were changed often. (Don't laugh at me, it's true...)
> As I have time now, I was curious about experiencing the above.
> Could it work?
B) it often won't work:
news:87qllc$954@crl.crl.com
A) such an approach as you're suggesting would generally be quite
ill-advised, even if it would work.
news:1168244268.925931.274190@51g2000cwl.googlegroups.com
01-24-07 01:03 AM
Lie-Algebra <Lie-Algebra@amitsur-levitski.net> wrote:
> As a shell script can't be setuid, I guess it could be possible, or at least
> conceivable, to use a binary instead.
You can compile a shell script using shc, the shell script compiler. The
resultant binary can then be setuid.
Regards,
Mark.
--
Mark Hobley
393 Quinton Road West
QUINTON
Birmingham
B32 1QE
Telephone: (0121) 247 1596
International: 0044 121 247 1596
Email: markhobley at hotpop dot donottypethisbit com
http://markhobley.yi.org/
01-25-07 06:32 AM
markhobley@hotpop.deletethisbit.com (Mark Hobley) writes:
> You can compile a shell script using shc, the shell script compiler. The
> resultant binary can then be setuid.
Uhh.... It's HARD to write a wrapper for a setuid program.
Does shc handle this? I never looked into it myself.
Suppose the script called a program that has a shell escape, like vi?
Can the PATH be modified, and a trojan inserted?
Can any other environment variable be modified and used to break root?
What if a file descriptor is connected to a dangerous file?
--
Sending unsolicited commercial e-mail to this account incurs a fee of
$500 per message, and acknowledges the legality of this contract.
01-29-07 06:32 AM
Bruce Barnett <spamhater123+U070124213407@grymoire.com> wrote:
> Does shc handle this? I never looked into it myself.
It looks like it just encrypts your shell script, and then when the binary is
run, the original script is decrypted and run in the shell.
So, if you are running your shell as root, then yes, your editor would run as
root also, and you could insert a trojan.
So you would need to check that your script doesn't break out before you
compile it.
A better solution would be to have a look at what you needed the root
privileges for in the first place, and handle these through user and group
access, leaving the shell script to run as a normal user.
Regards,
Mark.
--
Mark Hobley
393 Quinton Road West
QUINTON
Birmingham
B32 1QE
Telephone: (0121) 247 1596
International: 0044 121 247 1596
Email: markhobley at hotpop dot donottypethisbit com
http://markhobley.yi.org/