HPE Community
Operating System - HP-UX
1849679 Members
6915 Online
104044 Solutions
New Discussion

su ,how ?

 
Frank Li
Trusted Contributor

‎08-24-2001 12:59 AM

‎08-24-2001 12:59 AM

su ,how ?

Hi ,

We know when you run "su " , the system will prompt you for passwd , after you type the correct root passwd , you will get the shell for root (The prompt is #) .

Here I want to implement such program named "chsu" so that certain persons need not type the root passwd to get root access when they execte chsu .

I wrote a program in c ( chsu.c) with the "setuid(0)" in it and change the exection file(chsu) persion to 4755 , I can get the root permission , but not the same as execute "su" , for example , when you execute "su" , you get "#" for root . and the command "id" are different after you execte "chsu" and "su" .

chsu.c
#######################
#include
#include

main()
{

// if the user is granted to execute this program
// maybe can control by a file chsu.txt
// ....
setuid(0);
system("sh");

}
#######################################

Any body can give hint to me ? such as how to write such a program,
or how to write a program like "su"
( I am not a C programer , so if you give me the source file , Great!!)

thanks
Frank Li
Hi Friend
0 Kudos
Reply
3 REPLIES 3
Klaus Crusius
Trusted Contributor

‎08-24-2001 02:28 AM

‎08-24-2001 02:28 AM

Re: su ,how ?


main( argc, argv ) {

setuid(0);
execv( "/usr/bin/su", argv );
}

should do.
Klaus
There is a live before death!
0 Kudos
Reply
Wodisch
Honored Contributor

‎08-24-2001 03:35 PM

‎08-24-2001 03:35 PM

Re: su ,how ?

Hello Frank,

get a copy of "sudo", edit the "/etc/sudoers" config file
and live happily ever after ;-)
Do NOT go for your first attempt of your script, as that
is much (MUCH) to dangerous!!!

Be careful,
Wodisch
0 Kudos
Reply
linuxfan
Honored Contributor

‎08-24-2001 06:21 PM

‎08-24-2001 06:21 PM

Re: su ,how ?

Hi frank,

I completely agree with Wodisch here. You can download sudo either from
ftp://ftp.courtesan.com/sudo/dist/sudo-1.6.3p7.tar.gz
or in swinstall format
http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.2b1/

The good thing using sudo, users can execute commands as other users or root, without knowing any other passwords beside their own

-HTH
Ramesh
They think they know but don't. At least I know I don't know - Socrates
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.