https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085278#M143544 You've just opened your system for a huge trojan.<BR /> <BR />If you must allow normal users (and I don't know why), then try 2555 perms and make sure the file is owned by root: chown root /sbin/ioscan.<BR /> <BR />You may also want to investigate using sudo as you can restrict which users can use it and you have an audit trail.<BR /> <BR />HTH. Fri, 03 Oct 2003 14:19:09 GMT Brian Bergstrand 2003-10-03T14:19:09Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085277#M143543 I set that file 4777, an ordinary user still cannot execute the command. Please help. Fri, 03 Oct 2003 14:14:33 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085277#M143543 Jun Zhang_4 2003-10-03T14:14:33Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085278#M143544 You've just opened your system for a huge trojan.<BR /> <BR />If you must allow normal users (and I don't know why), then try 2555 perms and make sure the file is owned by root: chown root /sbin/ioscan.<BR /> <BR />You may also want to investigate using sudo as you can restrict which users can use it and you have an audit trail.<BR /> <BR />HTH. Fri, 03 Oct 2003 14:19:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085278#M143544 Brian Bergstrand 2003-10-03T14:19:09Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085279#M143545 Sorry, that should be 4555, not 2555. Just get rid of the write perms.<BR /> <BR />ioscan is owned by bin so change the owner to root as I suggested and your users will be able to run it.<BR /><BR />HTH. Fri, 03 Oct 2003 14:22:34 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085279#M143545 Brian Bergstrand 2003-10-03T14:22:34Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085280#M143546 Hi,<BR /><BR /> sure non-root user can execute ioscan.. u dont have to modify the permission.<BR /> <BR /> just use the -k option<BR /><BR /> $ ioscan -fnk<BR /><BR /> Without -k option ioscan tries to refresh the kernel with the status of the devices. With -k opton it just queries the kernl memory and displays.<BR /><BR />Sundar<BR /><BR /> Fri, 03 Oct 2003 14:25:23 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085280#M143546 Sundar_7 2003-10-03T14:25:23Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085281#M143547 Actually I believe 4555 is more likely to work as this will set the setuid bit whereas 2555 will set the guid bit (6555 for both). I think Brian has a good point when he says that you shouldn't really do this and sudo is a much better option. Fri, 03 Oct 2003 14:25:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085281#M143547 Mark Grant 2003-10-03T14:25:53Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085282#M143548 Sundara's option is better than anything else. I completly forgot about that. With -k you don't have to change anything. Fri, 03 Oct 2003 14:35:06 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085282#M143548 Brian Bergstrand 2003-10-03T14:35:06Z https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085283#M143549 No.<BR /> <BR />You get an error accessing /dev/config<BR /> <BR />If you open up permissions there you might as well just wipe the whole box out.<BR /> <BR />This is a HUGE security problem. ioscan is an admin tool. Anyone that uses it should be trusted with the root password.<BR /> <BR />SEP Fri, 03 Oct 2003 14:54:44 GMT https://community.hpe.com/t5/operating-system-hp-ux/can-non-root-user-execute-sbin-ioscan/m-p/3085283#M143549 Steven E. Protter 2003-10-03T14:54:44Z