[ale] C question

Robert L. Harris robert.l.harris at gmail.com
Thu May 22 22:56:40 EDT 2014


Ok, first problem.  If I could setuid perl, I'd be done a long time ago.  I
haven't done C since comp-sci 101 20 years ago.

Second problem:  Running the system command with the variable.

Basically I'm trying to do something like this:

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>


int main(int argc, char **argv)
{

  char Target[5] = argv[1];
  printf("%s\n", argv[1]);
  printf("%s\n", Target);

  setuid( 662705787 );

  char Command[255]="/home/user/bin/Test.sh %s", Target;

  system( "ssh user at serverB -C %s", Command );

  return 0;
}



On Thu, May 22, 2014 at 8:09 PM, Robert L. Harris <robert.l.harris at gmail.com
> wrote:

>
> The only user-id change needed is for the one server to server connection.
>  Everything else runs as the normal user.  I want to keep it as simple as
> possible for the users as I'm really pushing the boundaries of their
> technical ability by having them use putty in the first place let alone
> asking them to run a command line.  The main perl script does all the logic
> checking, etc already, but I don't want someone else finding and running
> the setuid script and doing something malicious just because they can.
>
>
> On Thu, May 22, 2014 at 7:20 PM, JD <jdp at algoloma.com> wrote:
>
>> On 05/22/2014 07:37 PM, Robert L. Harris wrote:
>> > The reason for the "system" is just to see what value I'm getting out.
>> >
>> > I have a perl script doing a bunch of processing which will be run by a
>> couple
>> > different users.  One aspect of the perl script is to connect to
>> another machine
>> > and run a command as a specific user.  Instead of having others know
>> the passwd,
>> > etc.  I have a hostkey set up from my server as a non-privledged user
>> to another
>> > system.  I want to have the C program setuid to the non-privledged
>> user, ssh to
>> > the second server and run 1 command with the only variable being XXXXX.
>>  More
>> > convoluted than I want but the safest method I can come up with to get
>> just the
>> > output I need from the second server.
>>
>> This sounds like a job for sudo to me.  I must be reading it wrong.
>> sudo isn't just for root/admin needs.
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
>
>
> --
> :wq!
> ---------------------------------------------------------------------------
> Robert L. Harris
>
> DISCLAIMER:
>       These are MY OPINIONS             With Dreams To Be A King,
>        ALONE.  I speak for                      First One Should Be A Man
>        no-one else.                                     - Manowar
>



-- 
:wq!
---------------------------------------------------------------------------
Robert L. Harris

DISCLAIMER:
      These are MY OPINIONS             With Dreams To Be A King,
       ALONE.  I speak for                      First One Should Be A Man
       no-one else.                                     - Manowar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140522/520f3f8c/attachment.html>


More information about the Ale mailing list