> Is it possible to give a user root access to a machine without using
> su???
Yes, it is, and it isn't too hard either. You can write a small
"wrapper" program and set the suid bit on it. Then the user runs this
program to execute whatever is in it after the suid. An example program
I got from a friend a long time back:
#include <stdio.h>
#include <grp.h>
#include <sys/types.h>
int main(int argc,char *argv[]) {
int rgid, egid;
int ruid, euid;
int param;
char command[1024];
int errorvalue;
/* keep the real values to restore later */
ruid = getuid(); euid = geteuid();
rgid = getgid(); egid = getegid();
setreuid(0, 0);
perror("stuff");
setregid(0, 0);
perror("stuff2");
/* iteratively strcat the commandline together */
command[0] = '\0';
for (param = 1; param < argc; param++) {
strcat(command, argv[param]);
strcat(command, " ");
}
printf("Executing: %s\n", command);
/* actually run the command */
errorvalue = system(command);
/* get back to the real group ids */
setreuid(ruid, euid);
setregid(rgid, egid);
/* exit */
exit(errorvalue);
}
This program will execute an arbitrary command given by a user as
the user root in the root group. After compiling you *MUST* chmod +s the
program. Please note that this is a horribly bad idea to use this
program on your system. *ANYONE* could simply run this program to gain
root access. You could however make the program a bit more secure. You
could change it so it only ran what you needed instead of something from
the command line.
Have fun,
Daniel Thom
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html