On Mon, 15 Jan 2001, Bob Bernstein wrote: > $ ./sutest > does this work? > /var/log/user.log: Permission denied > > Can someone explain what's going on here? Is starting a shell the problem?
The setuid bit doesn't work on shell scripts. You will have to compile a C program use use perl. Perl scripts work with the setuid bit because perl has a special setuid executable to run them with. Essentially having shell scripts work with the setuid bit allows a malicious user to "trick" the system into running a false interpreter with root permissions. This won't do, so root shell scripts are prohibited.
