From owner-freebsd-questions@FreeBSD.ORG  Wed May 11 01:43:44 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B78DD1065674
	for <freebsd-questions@freebsd.org>;
	Wed, 11 May 2011 01:43:44 +0000 (UTC) (envelope-from DStaal@usa.net)
Received: from mail.magehandbook.com
	(173-8-4-45-WashingtonDC.hfc.comcastbusiness.net [173.8.4.45])
	by mx1.freebsd.org (Postfix) with ESMTP id 8F39D8FC15
	for <freebsd-questions@freebsd.org>;
	Wed, 11 May 2011 01:43:44 +0000 (UTC)
Received: from [192.168.1.50] (Mac-Pro.magehandbook.com [192.168.1.50])
	by mail.magehandbook.com (Postfix) with ESMTP id 98361B74
	for <freebsd-questions@freebsd.org>;
	Tue, 10 May 2011 21:43:43 -0400 (EDT)
Date: Tue, 10 May 2011 21:43:43 -0400
From: Daniel Staal <DStaal@usa.net>
To: freebsd-questions@freebsd.org
Message-ID: <58DB9F20CBF1C01E9468FCEA@mac-pro.magehandbook.com>
In-Reply-To: <4DC9DE2C.6070605@telting.org>
References: <4DC9DE2C.6070605@telting.org>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Subject: Re: Established method to enable suid scripts?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: FreeBSD Questions <freebsd-questions@freebsd.org>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 May 2011 01:43:44 -0000

--As of May 10, 2011 5:54:04 PM -0700, Chris Telting is alleged to have 
said:

> I've googled for over an hour.
>
> I'm not looking to get into a discussion on security or previous bugs
> that are currently fixed.  Suid in and of itself is a security issue.
> But if you are using suid it it should work; I don't want to use a kludge
> and I don't want to use sudo.  I'm hoping it's a setting that is just
> disabled by default.

--As for the rest, it is mine.

It should just work, in most cases.  (I think there are a couple of base 
programs that _require_ being suid to work.  Otherwise you wouldn't be able 
to log in to a box...)

One thought: What's the output of 'mount' for the slice you are trying to 
run this script from?  (Suid can be blocked on a per-mountpoint basis.)

Daniel T. Staal

---------------------------------------------------------------
This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------