HPE Community
Operating System - HP-UX
1822494 Members
2493 Online
109642 Solutions
New Discussion юеВ

execute files without read permission

 
SOLVED
Go to solution
Carme Torca
Super Advisor

тАО03-24-2004 02:37 AM

тАО03-24-2004 02:37 AM

execute files without read permission

Hi,

Does anyone knows know I can put a file without read permission, but with execution permission.... I want this because I don't want the user see inside the file.

Is it possible?
Thanks!
Carmen.
Users are not too bad ;-)
0 Kudos
Reply
17 REPLIES 17
Robert-Jan Goossens
Honored Contributor

тАО03-24-2004 02:40 AM

тАО03-24-2004 02:40 AM

Re: execute files without read permission

Hi Carmen,

# chmod 100 file

Robert-Jan
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО03-24-2004 02:40 AM

тАО03-24-2004 02:40 AM

Re: execute files without read permission

If you are talking about a shell script, it is not possible by just changing the permissions. A shell script MUST be readable to be executable.
0 Kudos
Reply
Sanjay_6
Honored Contributor

тАО03-24-2004 02:41 AM

тАО03-24-2004 02:41 AM

Re: execute files without read permission

Hi,

Yes it is possible. Set the permissions of the file accordingly.

Hope this helps.

Regds
0 Kudos
Reply
Carme Torca
Super Advisor

тАО03-24-2004 02:42 AM

тАО03-24-2004 02:42 AM

Re: execute files without read permission

It doesn't works fine...
I put
chmod 070 to /tmp/prova.txt
-----x--- 1 root oinstall 47 24 Mar 16:33 prova.txt

But If I do:

[:oracle]/tmp> ./prova.txt
ksh: ./prova.txt: cannot open

Users are not too bad ;-)
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО03-24-2004 02:44 AM

тАО03-24-2004 02:44 AM

Re: execute files without read permission

a file can have execute permissions(see above) without read permissions.

root can execute a script with no read permissions because in reality root can read ANYTHING.

Thats because its all powerful.

On a practical level, it might help to know what you are trying to accomplish.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Mark Grant
Honored Contributor

тАО03-24-2004 02:44 AM

тАО03-24-2004 02:44 AM

Re: execute files without read permission

You can't do this except for root. You need read permission to execute it. The only way around this that I can think of is to have a SETUID root wrapper program that calls the script.
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО03-24-2004 02:46 AM

тАО03-24-2004 02:46 AM

Re: execute files without read permission

The answer is both yes and no. If the file is a true executable (e.g. a compiled 'C' program) then all you need are the execute ('x') permissions but I suspect that you are talking about a script. A script is interpreted so the shell must be able to read the file before it can execute it. In fact, the execute bits on a shell script only have meaning to the shell itself rather than the OS.

There are some utilities which can compile your shell script into a true executable; the commercial versions work quite well.
If it ain't broke, I can fix that.
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

тАО03-24-2004 02:46 AM

тАО03-24-2004 02:46 AM

Re: execute files without read permission

Hi,

Made a small script with ls -la permissions 100 --x------ rj

/tmp/r# more rj
ls -la
/tmp/r# ls -la
total 48
drwxr-xr-x 2 root sys 1024 Mar 24 16:39 .
drwxrwxrwx 8 bin bin 22528 Mar 24 16:44 ..
---x------ 1 root sys 7 Mar 24 16:44 rj
/tmp/r# ./rj
total 48
drwxr-xr-x 2 root sys 1024 Mar 24 16:39 .
drwxrwxrwx 8 bin bin 22528 Mar 24 16:44 ..
---x------ 1 root sys 7 Mar 24 16:44 rj


Regards
Robert-Jan
0 Kudos
Reply
Mark Grant
Honored Contributor

тАО03-24-2004 02:48 AM

тАО03-24-2004 02:48 AM

Re: execute files without read permission

Robert-Jan,

But you are "root". As SEP said, root can read "unreadable" files. Try is as a non-root user.
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

тАО03-24-2004 02:49 AM

тАО03-24-2004 02:49 AM

Re: execute files without read permission

YUP you are right Mark, did not see your post, sorry Carmen.
0 Kudos
Reply
Carme Torca
Super Advisor

тАО03-24-2004 02:52 AM

тАО03-24-2004 02:52 AM

Re: execute files without read permission

Hi,
How does work SETUID root wrapper program??
Could you put me an example??

Thanks!
Carmen.
Users are not too bad ;-)
0 Kudos
Reply
Carme Torca
Super Advisor

тАО03-24-2004 02:56 AM

тАО03-24-2004 02:56 AM

Re: execute files without read permission

There are some utilities which can compile your shell script into a true executable; the commercial versions work quite well.....

Does you know the name of one utility of its??

Thanks!!
Carmen.
Users are not too bad ;-)
0 Kudos
Reply
Mark Grant
Honored Contributor

тАО03-24-2004 02:58 AM

тАО03-24-2004 02:58 AM

Solution

Re: execute files without read permission

Simple one would be

main(){
system("}

save as mywrapper.c

Compile with cc -s -o mywrapper mywrapper.c

chown root mywrapper

chmod 6755 mywrapper

In my view, this is a worse security hazard than allowing people to read your script (particulary using system()) but it might be enough for your needs.
Never preceed any demonstration with anything more predictive than "watch this"
Reply
RolandH
Honored Contributor

тАО03-24-2004 02:58 AM

тАО03-24-2004 02:58 AM

Re: execute files without read permission

@ Robert

that is what Clay tried to explain.

root can read everything so no need for read rights. As normal user your script needs these rights to work:

-x-x------ 1 user group 7 Mar 24 16:44 rj

But I have another solution for you carmen. If you don't want that a user can look in a script, because of a password in the script you can use the script compiler shc from
http://big.asknet.de/ for me it works fine.
But when your script MUST run under root rights you should try sudo.


Roland
Sometimes you lose and sometimes the others win
Reply
Carme Torca
Super Advisor

тАО03-26-2004 01:23 AM

тАО03-26-2004 01:23 AM

Re: execute files without read permission

Hi,

I have prove the script compiler shc from
http://big.asknet.de/, but it shows me:

> shc -f prova.sh
shc Invalid script's first line: #/bin/ksh
shc: Error 0

so, I have prove to do:

int main()
{
system("prova.sh");
}
and it's works fins.
Thanks everybody!!!
Carmen.

Users are not too bad ;-)
0 Kudos
Reply
RAC_1
Honored Contributor

тАО03-26-2004 01:33 AM

тАО03-26-2004 01:33 AM

Re: execute files without read permission

The first line should be #!/usr/bin/sh

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
RolandH
Honored Contributor

тАО03-26-2004 01:36 AM

тАО03-26-2004 01:36 AM

Re: execute files without read permission

I have testet it with Korn-Shell, too (#!/usr/bin/ksh). It has worked. But do not know if it will work with more complex Korn-Shell-scripts.

Roland
Sometimes you lose and sometimes the others win
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.