heh... i completely missed that. henry, what's up with the K+R? ;) and i'm a competant enough C programmer to know you can call scripts from C, but that wasn't the point. useradd is a script, not a C executable. so i have no idea why it would honor his request for setuid since he didn't mention anything about writing a wrapper... pete On Sun 09 Jan 00, 7:07 PM, D-Man said... > On Tue, Jan 09, 2001 at 11:08:12PM -0800, Henry House wrote: > [snip] > | It is a kernel restriction (warranted or paranoid as the case may be) but it > | can be bypassed if need be by writing a little C wrapper: > | #define REAL_PATH "/path/to/script" > | main(ac, av) > | char **av; > | { > | execv(REAL_PATH, av); > | } > | > | (Shamelessly ripped from perlsec(1p).) > | > > Interesting. That's not ANSI C. (It's K&R style)
Attachment:
pgpSqV4NVsp5g.pgp
Description: PGP signature