I have root access.
How can I let a general user with little permissions run a binary file as root without a password?
I tried giving it root:wheel with chown, but that did not let a general user do what I wanted.
Asked
Active
Viewed 7,809 times
1
-
1Making a binary run as root when it was not specifically designed to run as root can open *huge* security holes. For example, if it has some kind of file viewer that lets you specify your own pager, you can specify `bash` as your pager, and boom, you've got a root shell. If it lets you write to the file of your choice, you can specify `/etc/group` and add yourself to the root group. – David Schwartz Sep 08 '12 at 09:47
2 Answers
1
chown changes the owner, it doesn't make the binary run as the file owner. chmod u+s will do that however. chmod g+s will make the binary run with the file group permission on some systems as well (you don't mention what system you're running). These flags have very different effects on other files and especially folders. You should take a good long look at man chmod and man chown before diving in.
Also you should strongly consider using sudo instead of making the binary suid. When a binary is suid, anyone who can access the binary can run it as the file's owner. If you accidentally give a normal user write permissions to the binary, then they could replace it with anything that want and run it as root. sudo solves these security problems at the cost of requiring the user to prepend sudo to commands they want to run as root. You also have to setup the sodoers file with approproiate permissions.
Chris S
- 77,945
- 11
- 124
- 216
0
Run :-visudo (To edit the config file):-
Then edit the config file i.e sudoers file:-
USERNAME ALL = NOPASSWD: /path/to/binaryfile.
Save the file then you can run the binary file without requiring any password by running:-
sudo "command to run binary file".
achal tomar
- 433
- 3
- 12