Re: running a background bash script as root. dangerous?
- From: Ertugrul Soeylemez <never@xxxxxxxxxxxxxx>
- Date: Mon, 23 Jan 2006 04:58:32 +0100
Unruh <unruh-spam@xxxxxxxxxxxxxx> (05-12-31 23:39:53):
> someone92@xxxxxxxxxxx writes:
>
> >Hi, I've made a bash shell script that may need to be run as root
> >(sometimes). The script will be run as cron job (and could be running
> >for hours when launched). I would like to know if it can be a
> >security issue to run a shell script as root? And what solution could
> >I use if it needs root previleges.
>
> It should be fine. No different than running the program as root from
> the console.
Some minor differences. Bash is running with a different configuration
for non-interactive shells (i.e. scripts).
> What is dangerous ( and bash will not let you do) is run a shell
> script as suid root.
It's not Bash, which doesn't let you; it's Linux. The SetUID bit on
non-binaries (scripts) has no effect. Hence you also cannot SUID a Perl
script to root. I don't know how it's handled, if the binary
(e.g. /bin/bash) is itself SUID to root, though.
> >I know that a perl script would be more safe, but I wanted to make a
> >shell script.
>
> No difference in safety.
It's easier to make mistakes in a shell script. Even though the Perl
syntax is horrible, the shell's syntax is even worse.
Regards.
.
- References:
- running a background bash script as root. dangerous?
- From: someone92
- Re: running a background bash script as root. dangerous?
- From: Unruh
- running a background bash script as root. dangerous?
- Prev by Date: Re: Buffer Overflow`s
- Next by Date: Re: What does it mean???
- Previous by thread: Re: running a background bash script as root. dangerous?
- Next by thread: Re: running a background bash script as root. dangerous?
- Index(es):
Relevant Pages
|
