Rich Freeman on 7 Nov 2016 17:44:03 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] LINUX LOW LEVEL PROGRAMMING QUESTION


On Mon, Nov 7, 2016 at 8:18 PM, JP Vossen <jp@jpsdomain.org> wrote:
> On 11/07/2016 07:59 PM, Ronald P Guilmet wrote:
>>
>> The problem:
>> I have a Dell laptop that I cannot adjust the screen brightness via the
>> settings shown to me. I can however change them by echoing a value to
>> the /sys/class/.... file. This is not distro specific, it doesn't work
>> in Ubuntu or Fedora. I am currently using Fedora 24.
>>
>> suid is disabled in Bash for security reasons. I can execute an echo
>> <value> > /file/path and it works. If I put that in a bash script and
>> run it from the root command line, it will not execute. No errors, it
>> just won't change the values.
>
>
> If you are root, either because you ran `su`, `sudo` or put something in
> root's crontab, I don't understand how it can work one way but not the
> other...

sudo != suid.  suid scripts being disabled is unsurprising, because
there is a race condition in having them around.

Now, what you can do is put a script in the sudoers file with NOPASSWD
and so on, and that is both secure and will let any (designated) users
run that script with sudo, and let you call it from other scripts,
crontab, and so on I think.

The other thing you can do is write a wrapper in C which does nothing
but exec the shell script, and make that C wrapper suid.  That is also
secure.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug