HPE Community
Operating System - HP-UX
1847255 Members
5371 Online
110263 Solutions
New Discussion

Re: shell trick? ( how to enable ENV file processing in suid script?)

 
Sergey_27
Occasional Advisor

‎09-24-2003 08:10 AM

‎09-24-2003 08:10 AM

shell trick? ( how to enable ENV file processing in suid script?)

Hi,
Is there a way for ksh to make it ignore privileged mode? I have a suid script which has 3 lines:
#!/bin/ksh
export ENV=/home/user/env
exec ksh

and of course ksh senses that uid != ruid and sets privileged mode automatically. There seem to be nothing in the man pages which can force ksh to process ENV file.
Any suggestions?

Thanks,
Sergey.
0 Kudos
Reply
7 REPLIES 7
Dave La Mar
Honored Contributor

‎09-24-2003 09:22 AM

‎09-24-2003 09:22 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

Sergey,
We get around most of the hassle of environment by including those variables necessary with the script being executed.
Doesn't exactly answer your question bu it is a solution that works for us.

Best of luck.

Regards,
dl
"I'm not dumb. I just have a command of thoroughly useless information."
0 Kudos
Reply
Sergey_27
Occasional Advisor

‎09-24-2003 09:24 AM

‎09-24-2003 09:24 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

Yes, but what I really need is having aliases loaded.
0 Kudos
Reply
Mark Grant
Honored Contributor

‎09-24-2003 05:32 PM

‎09-24-2003 05:32 PM

Re: shell trick? ( how to enable ENV file processing in suid script?)

The way I tend to get around this is with a nasty little "C" wrapper to run the script. Make the C program setuid instead. In your case, make this call your first script. The UID and GID of the script will still be that of the user unless you also add a setuid(0) in there somewhere.something like #include main(){ execl("/mypath/myscript", "myscript",0);}
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
RolandH
Honored Contributor

‎09-25-2003 12:25 AM

‎09-25-2003 12:25 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

Hi Sergey,

It works for me.

My Script looks like this
#!/bin/ksh
ENV=$HOME/alias.file
export ENV
exec ksh

alias.file must have read-permissions !!

HTH
Roland

Sometimes you lose and sometimes the others win
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎09-25-2003 12:27 AM

‎09-25-2003 12:27 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

We have a line in /etc/profile or $HOME/.profile

ENV=/.kshrc

Aliases work.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Sergey_27
Occasional Advisor

‎09-25-2003 01:56 AM

‎09-25-2003 01:56 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

I guess the will explain my prolem:
man ksh
-p Disables processing of the $HOME/.profile
file and uses the file /etc/suid_profile
instead of the ENV file. This mode is on
whenever the effective uid (gid) is not
equal to the real uid (gid). Turning this
off causes the effective uid and gid to be
set to the real uid and gid.
0 Kudos
Reply
Sergey_27
Occasional Advisor

‎09-25-2003 08:28 AM

‎09-25-2003 08:28 AM

Re: shell trick? ( how to enable ENV file processing in suid script?)

Decided not to use aliases but create functions instead and export FPATH to the child shell.

Tried c-wrapper but it still had euid!=uid

Thanks everybody.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.