SUMMARY: suid.

From: Jacques Rall (
Date: Tue Jan 28 1997 - 07:23:07 CST

Original question:

Dear SMs,

How can I allow an operator to execute scripts with root authority?

        # ls -al dumper
        -r-sr-x--- 1 root staff 488 Jan 27 08:49 dumper


        # Ensure a rewinded tape
        /usr/bin/mt -f /dev/rmt/0 rewind
        for fs in / /usr /var
                ufsdump 0fu /dev/rmt/0n $fs 2>>
        mt -f /dev/rmt/0 offline

        # su - ops
        Sun Microsystems Inc. SunOS 5.5.1 Generic May 1996
        $ cd backup
        $ ./dumper
        ./dumper[6]: /export/home/ops/backup/udump.log: cannot create
        ./dumper[6]: /export/home/ops/backup/udump.log: cannot create
        ./dumper[6]: /export/home/ops/backup/udump.log: cannot create
        $ ls -l udump.log
        -rw-rw-r-- 1 root other 490530 Jan 27 08:46 udump.log
        $ cd ..
        $ ls -ld backup
        drwxrwxr-x 2 root other 512 Jan 27 08:58 backup

The only function of this programs that works for the operator is to
eject the tape cartridge.



Use sudo. It can be found at

For all practical purposes the suid feature is useless. Although the
intensions of suid was good, it can now only be used for cracking and
not for any constructive purposes.

Thanks to *

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:43 CDT