Allow user to execute a shell script without seeing its contents?

I'd like to have an hg hook that sends email using a gmail account. Obviously I don't want anyone to be able read the email-sending script except me or root, since it has a password in, so here's what I've tried:

-rwsr-xr-x  1 james james   58 Feb 18 12:05 incoming.email.sh
-rwx--x--x  1 james james  262 Feb 18 12:04 send-incoming-email.sh

where incoming.email.sh is the file executed as the hook:

#! /bin/bash
/path/to/send-incoming-email.sh

However, when I try to run as another user I get the error:

/bin/bash: /path/to/send-incoming-email.sh: Permission denied

The send-incoming-email.sh file works fine when I run as myself.

Is what I'm trying to do possible, or will setuid not propagate to commands executed from a shell script?

System is Ubuntu 10.04.2 LTS.

James

Posted 2011-02-18T12:15:05.520

Reputation: 270

Answers

If you need your solution to work as is, a simple hack would be to use a short C program instead of a shell script:

int main(){
setuid(geteuid());
system("/path/to/send-incoming-email.sh");
}

And have that setuid, thus avoiding the race condition, and at the same time allowing you to pass off execution of the script as root.

This isn't the best solution, by far, but it will solve the problem as described.

Jeremy Sturdivant

Posted 2011-02-18T12:15:05.520

Reputation: 2 108

setuid(geteuid()) is needed, it seems. – user1686 – 2011-02-18T14:31:34.527

Quite correct, good catch! Edited to reflect that. – Jeremy Sturdivant – 2011-02-18T14:39:03.967

I still get permission denied when I run as another user: /bin/bash: /path/to/send-incoming-email.sh: Permission denied (permissions: -rwsr-xr-x 1 james james 7227 Feb 18 16:45 incoming.email) – James – 2011-02-18T16:48:58.013

To clarify, you're running incoming.email from another user, and that message results? Try running "id" instead of the incoming email script to test the setuid operation, and make sure the incoming email script works from your user directly still. – Jeremy Sturdivant – 2011-02-21T17:52:49.220

Linux will ignore the setuid bit for shell scripts to avoid possible race-conditions.

The "proper" way of sending email on Unix/Linux systems is to configure a MTA such as Postfix, Exim4 or Sendmail and let it handle the SMTP authentication mess. There also are "relay-only" MTAs - esmtp, msmtp, ssmtp. All of these can do SMTP relaying ("smarthost") with authentication, for example, through Gmail servers. It becomes trickier on a multi-user machine, but still doable.

(When a MTA is configured, sending an email is done by passing the data to /usr/sbin/sendmail rcpt@address.)

user1686

Posted 2011-02-18T12:15:05.520

Reputation: 283 655