HPE Community
Operating System - HP-UX
1830045 Members
10765 Online
109998 Solutions
New Discussion

Set-ID problem

 
Chern Jian Leaw
Regular Advisor

‎12-13-2002 12:59 AM

‎12-13-2002 12:59 AM

Set-ID problem

Hi,
I encountered this problem whereby when executing my scripts, it produced the error below:
"YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!

FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!"

The scripts do not have the SGID, SUID nor the sticky bits set. Only their parent directories have the SGID bits set.

I was wondering if anyone could tell me what does this error msg mean? Also, how do I solve such problems?

If I need a C-wrapper, how should the C-wrapper be? I tried implementing the C-wrapper as follows i.e by calling the script from a C code:
cat myWrapper.c
#include

int main(){
execv("/cs/home/ken_lee/verify.sh");
return 0;
}

The "wrapper" however did not produce any outputs.

Could someone kindly help me out?

Thanks
0 Kudos
Reply
3 REPLIES 3
Stefan Farrelly
Honored Contributor

‎12-13-2002 01:15 AM

‎12-13-2002 01:15 AM

Re: Set-ID problem

The error you listed does NOT sound like a system (HP-UX) message to me but one that whoever wrote the script decided to put in.

In fact I didnt know you can disable set-id scripts in the kernel. I dont think you can - so the error message is wrong.

You could simply set the SGID on the script then run it (as long as the script isnt supposed to do anything dangerous) or edit the script and comment out the code which send this error message.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
F. X. de Montgolfier
Valued Contributor

‎12-13-2002 02:04 AM

‎12-13-2002 02:04 AM

Re: Set-ID problem

Hi,

For info: on the subject of setuid, you may want to see the following thread:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x84ac50dde50cd71190050090279cd0f9,00.html

It clarifies the issue quite a lot, IMO...

Cheers,

FiX
0 Kudos
Reply
Chern Jian Leaw
Regular Advisor

‎12-14-2002 10:23 PM

‎12-14-2002 10:23 PM

Re: Set-ID problem

Stefan,
The script does not produce the outputs "YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!

FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!"

I had tried setting SGID on some other scripts sometime ago and it failed to execute.

FX,
Based on the URL which you provided me, I understand that the SUID and SGID do not apply to scripts. As I mentioned earlier, I did not set the SGID nor the SUID bit on my script.

I really do not understand the "-u AND UNDUMP" statement from the error msg obtained.

Any other suggestions on how I could solve this problem?

Thanks

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.