[mdlug] How can I set up a process initiated by another user to execute as my user ID?

Fati fati at venerealinjection.com
Sun Apr 22 21:31:41 EDT 2007


On 4/16/07, Aaron Kulkis <akulkis3 at hotpop.com> wrote:
> gib at juno.com wrote:
> >
> >
> > How can I set up a process initiated by another user to execute as my
> > user ID?
> >
> > I have a process that logs into an ftp server with my user ID and my
> > password but I don't want to provide my password to someone else.  How
> > can I allow someone else to execute this process?
> >
>
> I'm assuming that it's compiled code, and not a shell script.
>
> If so, just make sure that YOU are the owner of the executable,
> and then use chmod to set the "set User ID" (setuid) bit.
>
> chmod 1755 executable_file
>
>
>
>
> > Alternatively, can I set up a process that will be able to read the
> > password from a secure location without the user seeing it?
> Yes, same way.
>
>
>
>
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>

4751 might be even better.  If the world has read permissions on the
binary, they may be able to find it as easily as running strings on
the binary.  In either case hard coding it period, even with a
debugger can still be found with a bit of persistance and gdb.  The
best compromise would probably be to make the program 700 and runnable
only as root with sudo.  In this way you could prevent anyone from
executing it with gdb or examining the binary for strings.

-- 
Fati
"I don't know what weapons World War Three will be fought with, but
World War Four will be fought with sticks and stones."  - Albert
Einstein



More information about the mdlug mailing list