- 08-27-2009 #1
SUID permission on Bash script
Hi folks!
I'm trying to set up a reaaallly basic script to allow one user to shut down my machine without root permissions, setting up SUID as follows:
-rwsrwxr-- 1 root wheel 38 Aug 27 23:12 apagar.sh
$ ./apagar.sh
Permission denied
content of script:
cat apagar.sh
#!/usr/local/bin/bash
shutdown -p now
As far as I know, using SUID, the script must run with root permissions... so I shouldn't get "Permission denied". What am I doing wrong??
- 08-28-2009 #2
Very few systems allow SUID scripts. Linux doesn't.
- 08-28-2009 #3
- 08-29-2009 #4
- 09-01-2009 #5
Apart from the question of whether your system supports SUID scripts, users outside of "root" and "wheel" do not have permission to execute this script...
Back in the day, the way around the restriction on SUID scripts was to use Perl - it provides a SUID mode. If the host system disables SUID on scripts, then when you run a SUID Perl script, if Perl is configured for SUID support, it will detect that the script being run has SUID bit set, and it will run its own SUID copy of the Perl interpreter to escalate privileges as required. I couldn't tell you whether it's safe, personally. If you care about security you need to be careful of anything SUID.
Now, a question: have you considered using "sudo"? I think that's what people typically use for jobs like this...
- 09-01-2009 #6
Yip, that's what I was thinking. If your user "could" run a SUID script that shuts down the machine, that user has access to the shutdown command effectively. As such, given that SUID scripts are forbidden as they cannot be effectively policed, you should just edit your sudo configs to allow the user to run "shutdown" without a password prompt. That way they have exactly the same power "sudo shutdown -p now" but with proper logging etc.
Setting up sudo is easy, with many web references available. Else, just search the forum.
Good luck!
Respectfully... Sarlac II
- 09-09-2009 #7
- 09-09-2009 #8
There's bigger problems to consider, really...
Basically SUID programs' behavior can often be influenced by outside factors, such as the value of certain environment variables. A classic one for a SUID binary is to set the value of LD_PRELOAD or LD_LIBRARY_PATH to load in a piece of your own code when you run the program. Shell scripts tend to run a lot of programs from the path, so in addition to the dynamic linker environment variables, a SUID shell script would also be highly vulnerable to changes to the PATH variable.
(For instance: if your shell script includes the command "rm /var/log/x" and the user alters $PATH to include, at its head, a directory containing a copy of the BASH shell renamed to "rm" - then when the script is run, the user will get a root shell.)
This vulnerability, above and beyond what may be exploited in a SUID binary, is the basic reason why SUID shell scripts are normally considered fundamentally insecure. (Though it seems the LD_LIBRARY_PATH and LD_PRELOAD ones would be just as bad, honestly...)
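A defender-side check that ties together the points raised in this thread (SUID being ignored on scripts, the missing execute bit for "other", and the general risk of SUID scripts): a POSIX shell function that lists setuid/setgid files which are interpreter scripts. This is an added example, not part of any post in the thread; the function name `audit_suid_scripts` and its output format are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report setuid/setgid files that are
# interpreter scripts rather than compiled binaries.
# Output, one line per hit: <mode> other-exec:<yes|no> <interpreter> <path>
# Assumption: file names do not contain newlines.

audit_suid_scripts() {
    dir=$1
    # -perm -4000 matches the setuid bit, -perm -2000 the setgid bit.
    find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        # A script starts with the two bytes "#!"; compiled binaries do not.
        [ "$(head -c 2 "$f" 2>/dev/null)" = "#!" ] || continue
        # Interpreter path: first word after "#!" on the first line.
        interp=$(head -n 1 "$f" | sed 's/^#![[:space:]]*//' | cut -d' ' -f1)
        # First ten characters of ls -l output are the mode string.
        mode=$(ls -ld "$f" | cut -c1-10)
        # 10th mode character: x or t means "other" users may execute.
        case $(printf '%s' "$mode" | cut -c10) in
            x|t) other=yes ;;
            *)   other=no ;;
        esac
        printf '%s other-exec:%s %s %s\n' "$mode" "$other" "$interp" "$f"
    done
}

# Example call (directory chosen by the administrator):
#   audit_suid_scripts /usr/local/bin
```

Every line it prints is a candidate for removing the SUID bit and replacing the script with a sudo rule, as suggested earlier in the thread.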
- 09-10-2009 #9
- 09-19-2010 #10
An old problem~aaaah. It is simple, because bash does not allow itself to be used as a SET-UID program. So what you should do is install zsh and change the symbolic link: link /bin/sh to /bin/zsh.
$ su
Password: (enter root password)
# cd /bin
# rm sh
# ln -s zsh sh
Then you can use your script.




