How to SUID? Shellscript, Perlscript, Binary-Wrapper?

Question

I just read some articales about suid.

lets say i need the helpdesk to be able to change customer passwords. it would be good if i could execute a ruby script that checks the db if the user is a customer (i dont want the helpdesk to change roots password) and then it runs "passwd user" on it

what would be a secure way to do this?

score 3 · Answer 1 · answered Mar 09 '11 at 13:18

3

The current trend is to use sudo.

answered Mar 09 '11 at 13:18

Mircea Vutcovici

16,706
4
52
80

last year alone 4 sudo vulnerabilities. sudo seems to suck – baj Mar 09 '11 at 13:27
2

@banditj: and so much more security vulnerabilities related to SUID scripts and executables... – skinp Mar 09 '11 at 14:16

How to SUID? Shellscript, Perlscript, Binary-Wrapper?

1 Answers1