Find the answer to your Linux question:
Results 1 to 4 of 4
Hi! First of all sorry if my english is not excelent but it isnt my native language. I have a project where I'm building my own shell (named MYSHELL). One ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2012
    Posts
    2

    Question Allow any user to use shutdown with my own shell


    Hi!
    First of all sorry if my english is not excelent but it isnt my native language.

    I have a project where I'm building my own shell (named MYSHELL). One of the tasks is to create my own built-in turnitoff, a command that can be executed by any user that has MYSHELL as default shell *. The problem is that this command is only for the sudo.
    I read that I can edit the sudoers file BUT there is a problem with this:
    Lets say that John has MYSHELL installed. He can change to his previous shell whenever he wants (for example bash). When he is in bash he is not supossed to run shutdown, but he will.
    Hope I made my self clear....
    I dont want the answer, just a helping hand that can tell my were I can search...
    Thanx a lot in advance!

    *The user that has MYSHELL as shell is because someone installed it with a makefile. At this point is when we can change everything becase the makefile is run with the root user.

  2. #2
    Linux Newbie
    Join Date
    Mar 2010
    Posts
    152
    What you want to do is (i) make your executable owned by root and (ii) make the file set-user-id. This is done from the command line by "chmod u+s your-file" or with the chmod() system call using the S_ISUID flag (see either man page; of course, you must have appropriate privileges).

    This then allows you to call setuid() and change your effective UID to the UID of the file - this is how programs like su and sudo work.

    As a general rule, you want to run with elevated privileges for as little time as possible - when you want to let the user reboot/whatever, call setuid(0), perform the command and then setuid() back to your original UID (you probably don't want to give them root access whilst the system is shutting down - that may be a security hole).
    Programming and other random guff: cat /dev/thoughts > blogspot.com (previously prognix.blogspot.com)

  3. #3
    Just Joined!
    Join Date
    Oct 2012
    Posts
    2
    Thank you very much John!
    Newbie question...this works for a .sh too right? Because I heard you cant do some things with a script due to security reasons...

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Newbie
    Join Date
    Mar 2010
    Posts
    152
    Quote Originally Posted by coolerking View Post
    Thank you very much John!
    Newbie question...this works for a .sh too right? Because I heard you cant do some things with a script due to security reasons...
    For a shell you normally do things a little differently. You can add an entry to /etc/sudoers which will allow a specific user to use "sudo some-specific-command" without being prompted (I can't remember specifically how - see sudoers(5) or google). Obviously, this can be dangerous - if you choose to do this, be careful, and make the file they're allowed to run writable by root only.
    Programming and other random guff: cat /dev/thoughts > blogspot.com (previously prognix.blogspot.com)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •