Monte sem sudo usando bocado pegajoso?
https://stackoverflow.com/questions/9526985
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
Eu estou tentando escrever um script de shell para montar o dispositivo de loop, e eu estou atribuindo este script com um bit pegajoso para executar como uid (raiz). (isto é para outros usuários no servidor) o problema é que eu não possoparece executar o comando 'Mount' sem usar sudo na frente dele.Quando estou na conta root, posso executar o comando 'Mount' sem qualquer problema, então eu pensei que definindo o script com o rws-r_x-r_x faria isso.
Eu estou entendendo mal o conceito de usar bit pegajoso?ou há de outra maneira?
O servidor está sendo executado sob o Ubuntu 10.04
Solução
You mean the setuid bit, not the sticky one. The kernel doesn't honor the setuid bit on scripts. See this post for a thorough description, here's a summary: the gist is that suid on a script is insecure.* The kernel starts reading the script to execute it, but it sees the #!/path/to/interpreter and figures out that it needs to be interpreted. It then cancels "executing" the script directly and calls the specified interpreter, passing the script name as the first argument (and all subsequent arguments in order after that). The reason setting UID is insecure in this instance is that an attacker could potentially change the script to be executed between the kernel setting the new UID and the interpreter reading the file.
*: The other post mentioned that perl handles its scripts in such a way that they can be suid.
As for the actual mounting problem at hand, add a line to /etc/fstab/ and include the user option.
