Running a process requiring super user privilege from non super user - Aix

This is a discussion on Running a process requiring super user privilege from non super user - Aix ; Hi All I want to run a process, that can only be run by a super user, by a normal user. I heard that this can be done by using some uid etc. Please help me if anyone knows anything ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Running a process requiring super user privilege from non super user

  1. Running a process requiring super user privilege from non super user

    Hi All
    I want to run a process, that can only be run by a super user,
    by a normal user. I heard that this can be done by using some uid etc.
    Please help me if anyone knows anything about this or the uid solution


  2. Re: Running a process requiring super user privilege from non super user

    On Feb 20, 6:00 am, "chets" wrote:
    > Hi All
    > I want to run a process, that can only be run by a super user,
    > by a normal user. I heard that this can be done by using some uid etc.
    > Please help me if anyone knows anything about this or the uid solution


    Hiya,

    The thing you want is the setuid bit on a program. You set it using
    chmod. For instance, if your program is called "compromise", you go:

    # chmod 4755 compromise

    The 4 in front of the normal 755 permissions sets the setuid bit.

    >From that moment on, whenever someone executes the "compromise"

    program, it will run under the ID of the owner of the compromise
    program. Root or another user. However, there's a few catches with
    this (apart from the obvious that you shouldn't give someone write
    access to it). It doesn't work for shell scripts. Also, unless you
    want to create a special group and give execute rights only to that
    group, you don't have fine control over who does what.

    What you *really* want is a program called sudo, which lets you make
    lists of exactly who is allowed to do what with or without entering
    their own password. The config file documentation contains the words
    "Backus-Naur Form" and is therefore crap, but with a bit of
    perseverence and some examples you should be able to get what you
    want.

    Cheers,
    Menno Willemse


+ Reply to Thread