[Kc] Shell script to execute system command as another user
Brad
brad at bradandkim.net
Mon May 3 12:50:19 CDT 2004
On Mon, 2004-05-03 at 11:22, John Reinke wrote:
> I'd probably accomplish this through file permissions. Make the script owned by 'cyrus' and also use the set-ID option (see the chmod manpage). When it executes, it will execute as the file owner, no matter who runs it.
>
> Make sure that the permissions allow the user 'nobody' to access the script, but no unauthorized users (you never can be too safe when executing shell commands based on user input). You may want to use group permissions to accomplish that.
>
> John
This seems to work great. I have always heard advice on using caution
when using suid. I had never tried it until now. I guess as long as it
is not a big security risk, this is easy and accomplishes just what I
need.
Thanks,
Brad
More information about the kc
mailing list