*BSD News Article 73285


Return to BSD News archive

#! rnews 1726 bsd
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!oleane!jussieu.fr!rain.fr!francenet.fr!usenet
From: Gildas Perrot <perrot@francenet.fr>
Newsgroups: comp.unix.bsd.bsdi.misc
Subject: Re: Setuid
Date: Wed, 10 Jul 1996 10:21:13 +0200
Organization: Francenet -- Paris, France
Lines: 32
Message-ID: <31E367F9.446B9B3D@francenet.fr>
References: <61a7cc$c1438.2d6@NEWS>
NNTP-Posting-Host: epiphore.francenet.fr
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 3.0b4Gold (X11; I; BSD/OS 2.0 i386)
To: Mury <mury@goldengate.net>

Mury wrote:
> 
> Sorry, but my C programming skills are way out of touch.  I want to
> let some part-time workers be able to add users without having root
> access, so I believe I have to run a script setuid.  If someone could
> help me with the syntax of this C program, or recommend a better way
> of accomplishing the same,  I would deeply appreciate it.
> 
> It will run the perl script "newadd.pl", which runs the adduser,
> edquota, etc. code.  Thanks.
> 
>  #include <sys/types.h>
>  #include <unistd.h>
> 
> main(int){
>      setuid(setuid 0);
> system ("perl /scrog/newadd.pl");
> 
> }

Why don't you use suidperl which has been recently patched for security
holes recently and which allow you to create an suid perl script
directly. Just put /usr/bin/suidperl (or sperl for Perl5) at the 1st
line of your perl script and put this script suid owned by root.
Don't forget to apply patch U210-017 for BSD/OS 2.1 for security.

Good luck.	Gildas.

-- 
Gildas PERROT, perrot@francenet.fr         __o
FranceNet, 28 rue Desaix, 75015 Paris ---_ \<,_
                                   ---- (_)/ (_)