Allow user to execute a shell script without seeing its contents?

Posted by Autopulated on Super User See other posts from Super User or by Autopulated
Published on 2011-02-18T12:15:05Z Indexed on 2011/02/18 15:27 UTC
Read the original article Hit count: 416

Filed under:

shell-script

|

setuid

I'd like to have an hg hook that sends email using a gmail account. Obviously I don't want anyone to be able read the email-sending script except me or root, since it has a password in, so here's what I've tried:

-rwsr-xr-x  1 james james   58 Feb 18 12:05 incoming.email.sh
-rwx--x--x  1 james james  262 Feb 18 12:04 send-incoming-email.sh

where incoming.email.sh is the file executed as the hook:

#! /bin/bash
/path/to/send-incoming-email.sh

However, when I try to run as another user I get the error:

/bin/bash: /path/to/send-incoming-email.sh: Permission denied

The send-incoming-email.sh file works fine when I run as myself.

Is what I'm trying to do possible, or will setuid not propagate to commands executed from a shell script?

System is Ubuntu 10.04.2 LTS.

© Super User or respective owner

Related posts about shell-script

How to Use USER_DEFINED Activity in OWB Process Flow

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Process Flow is a very important component of Oracle Warehouse Builder. With Process Flow, we can create and control the ETL process by setting all kinds of activities in a well-constructed flow. In Oracle Warehouse Builder 11gR2, there are 28 kinds of activities, which fall into three categories:… >>> More
How To Run A Shell Script Again And Again Having X Interval Of Time?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a shell script in my Ubuntu Server 14.04 LTS at ./ShellScript.sh. I setup /etc/rc.local to run the shell script after boot but before login using below code. Run this: sudo nano /etc/rc.local then add following and save. #!/bin/sh -e # # rc.local # # This script is executed at the end of… >>> More
Getting output of a shell script in Cocoa

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there a way that lets me run a shell script, and display the output in an NSTextView? I do not want any input from the user to the shell script at all, since is is just called to compile a buch of files. The shell script part works fine so far, but I just can't figure out how to run it and show… >>> More
How to process Perl array element in Shell script

as seen on Stack Overflow - Search for 'Stack Overflow'
For ex : in PERL @array = (1,2,3); system ("/tmp/a.sh @array" ); In shell script how to handle this array in shell script how to handle the shell script to receive as arguments? and how to use that array variable in shell script >>> More
Unix shell script with Iseries command

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to ftp a file from unix to as400 and executing iseries command in the script. ftp is working fine,I am getting an error in jobd command as HOST=KCBNSXDD.svr.us.bank.net USER=test PASS=1234 #This is the password for the FTP user. ftp -env $HOST << EOF… >>> More

Related posts about setuid

sudo or acl or setuid/setgid ?

as seen on Server Fault - Search for 'Server Fault'
Hi, for a reason I do not really understand, everyone wants sudo for all and everything. At work we even have as many entries as there are way to read a logfile (head/tail/cat/more, ...). I think, sudo is defeating here. I'd rather use a mix of setgid/setuid directories and add ACL here and there… >>> More
checksecurity / setuid changes, is this a bug or did somebody break in?

as seen on Server Fault - Search for 'Server Fault'
I received a mail by checksecurity from my ubuntu 12.04 server with the following content: --- setuid.today 2012-06-03 06:48:09.892436281 +0200 +++ /var/log/setuid/setuid.new.tmp 2012-06-17 06:47:51.376597730 +0200 @@ -30,2 +30,2 @@ - 131904 4755 2 root root 71280 Wed May… >>> More
Get calling user ID in PHP setuid script

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a PHP script on Linux in which the sticky bit is set, so it gets executed as the file owner. How can I get the user id of the calling process, for authorization purposes? Context: I have two applications on a server, and want one to request some info from the other. For this reason the other… >>> More
(Ubuntu) setuid bash doesn't work

as seen on Server Fault - Search for 'Server Fault'
Here is the code: (root:) # mkdir /test # cp /bin/bash /test/sbash # chmod a+s /test/sbash (user1:) $ cd /test $ ./sbash $ mkdir trycreate mkdir: cannot create directory `trycreate': Permission denied And bash scripts with setuid bit set not work, either. By the way, my setuid perl script… >>> More
sudo: must be setuid root

as seen on Server Fault - Search for 'Server Fault'
Recently, due to some messy stuff with master boot record, I have to re-install my Ubuntu. Before doing that, I back up all folder (exclude root, bin, sbin, tmp, media, mnt) to a NTFS partition. After installation of Ubuntu, I copied back all the folder using a nautilus (running by sudo nautilus)… >>> More