<div dir="ltr">Ok, first problem. If I could setuid perl, I'd be done a long time ago. I haven't done C since comp-sci 101 20 years ago.<div><br></div><div>Second problem: Running the system command with the variable.<div>
<br><div>Basically I'm trying to do something like this:</div><div><br></div><div><div>#include <stdio.h></div><div>#include <stdlib.h></div><div>#include <sys/types.h></div><div>#include <unistd.h></div>
<div><br></div><div><br></div><div>int main(int argc, char **argv)</div><div>{ </div><div><br></div><div> char Target[5] = argv[1];</div><div> printf("%s\n", argv[1]);</div><div> printf("%s\n", Target);</div>
<div><br></div><div> setuid( 662705787 );</div><div> </div><div> char Command[255]="/home/user/bin/Test.sh %s", Target;</div><div><br></div><div> system( "ssh user@serverB -C %s", Command );</div><div>
<br></div><div> return 0;</div><div>}</div><div><br></div></div></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, May 22, 2014 at 8:09 PM, Robert L. Harris <span dir="ltr"><<a href="mailto:robert.l.harris@gmail.com" target="_blank">robert.l.harris@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><br></div><div>The only user-id change needed is for the one server to server connection. Everything else runs as the normal user. I want to keep it as simple as possible for the users as I'm really pushing the boundaries of their technical ability by having them use putty in the first place let alone asking them to run a command line. The main perl script does all the logic checking, etc already, but I don't want someone else finding and running the setuid script and doing something malicious just because they can.</div>
</div><div class="gmail_extra"><div><div class="h5"><br><br><div class="gmail_quote">On Thu, May 22, 2014 at 7:20 PM, JD <span dir="ltr"><<a href="mailto:jdp@algoloma.com" target="_blank">jdp@algoloma.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>On 05/22/2014 07:37 PM, Robert L. Harris wrote:<br>
> The reason for the "system" is just to see what value I'm getting out.<br>
><br>
> I have a perl script doing a bunch of processing which will be run by a couple<br>
> different users. One aspect of the perl script is to connect to another machine<br>
> and run a command as a specific user. Instead of having others know the passwd,<br>
> etc. I have a hostkey set up from my server as a non-privledged user to another<br>
> system. I want to have the C program setuid to the non-privledged user, ssh to<br>
> the second server and run 1 command with the only variable being XXXXX. More<br>
> convoluted than I want but the safest method I can come up with to get just the<br>
> output I need from the second server.<br>
<br>
</div>This sounds like a job for sudo to me. I must be reading it wrong.<br>
sudo isn't just for root/admin needs.<br>
<div><div>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div></div></div><div class="">-- <br>:wq!<br>---------------------------------------------------------------------------<br>Robert L. Harris<br><br>DISCLAIMER:<br>
These are MY OPINIONS With Dreams To Be A King,<br>
ALONE. I speak for First One Should Be A Man<br> no-one else. - Manowar
</div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>:wq!<br>---------------------------------------------------------------------------<br>Robert L. Harris<br><br>DISCLAIMER:<br> These are MY OPINIONS With Dreams To Be A King,<br>
ALONE. I speak for First One Should Be A Man<br> no-one else. - Manowar
</div>