Followup: Re: Resolved: Re: Help with suid (bash)

[rhkramer]

By the way, thanks to all who replied!  One followup below.

On Tuesday, May 10, 2022 08:20:10 AM rhkra...@gmail.com wrote:
> Ok, thanks very much!
> 
> That resolves that -- I do have another way of doing it (the c helper
> program), I just don't like it -- I'll probably continue to use that but
> think about alternatives.

Ahh, the (an) obvious (finally ;-) alternate solution is to incorporate the 
luks and mount commands directly in the c helper program, as that at least 
avoids the confusion (to me) of having both a script and a c program for each 
partititon (and I could consider "parameterizing" the partitions).

E.g., in my (typical) c program, instead of 

   setuid( 0 );
   system( "" );

do 

   setuid( 0 );
   system( "/sbin/cryptsetup luksOpen /dev/sd  " );
   system( "/bin/mount /dev/mapper/ " );

Resolved: Re: Help with suid (bash)

[rhkramer]

(Intentionally top posting)

Ok, thanks very much!  

That resolves that -- I do have another way of doing it (the c helper 
program), I just don't like it -- I'll probably continue to use that but think 
about alternatives.

On Tuesday, May 10, 2022 07:58:39 AM Greg Wooledge wrote:
> The Linux kernel does not honor the setuid bit on a script.  Any script.
> Anything that's executed via a shebang, rather than an ELF header.
> 
> This is for security purposes, as there's some sort of race condition
> or something.  I forget the exact details, but the point is, you can't
> do this.  Find another solution.