Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Hi.
On Tue, 24 Dec 2013 10:03:15 +0100
"Hans-J. Ullrich" <hans.ullrich@loop.de> wrote:
> Hi Paul,
> I do not intend to hijack this discussion but I think I have got the same
> problem!
>
> Fist thank you for your explanation. I am following this discussion and I have
> a similar problem. I made a script, which is calling an application
> (/usr/bin/cpufreq-set) with additional tags.
>
> But I cannot get this script running with root privileges, although I set the
> setuid bit to root at my scriipt and cpufreq-set is set to owner root:root.
I'm not Paul, but that's simple.
Setuid bit is ignored for scripts.
The reason for it is - the only thing that's able to spawn a process is
an executable, which has certain format (ELF for Linux, possibly a.out
- that depends on a kernel configuration).
Every time you execute a script, you, in fact, are invoking script
interpreter (probably /bin/sh in this case), which, in turn,
executes your script.
So, to make your script work you can:
a) Bad idea.
Set suid bit on an appropriate script interpreter.
b) So-so idea.
Write your own BINARY executable and set suid bit on it.
c) Good idea.
Use sudo(1).
Reco
Reply to: