Can a normal user somehow execute a root-owned script?

From: Mark (g_i_f_f_o_at_hotmail.com)
Date: 07/16/03 

Date: 16 Jul 2003 09:21:05 -0700

Hi all,

We have a system which uses Solaris and NIS at the moment over about
20 local sites.

I'm looking for a way in which a developer can update his application
which is currently distributed onto a server on one of several
locations. His app used to be served from his own machine on the
network but because of bandwidth issues it's now been moved onto the
servers on local locations. This app gets amended and updated fairly
often, which was no problem when it was on his own machine where he
has root access. But now obviously this user can't have the sort of
access rights needed to log on to all of the local servers and update
the newer version of his application, and this is the problem.

I did have a few ideas, but I'm hitting a a few brick walls.

I thought the developer could fire off an email to a dummy user, which
through /mail/aliases (e.g. dummyuser "| script") would execute a
script that is supposed to take the newer version from the guys
machine and then distribute it to the other on-location servers,
probably through the use of our trusted host. The problem is the
script seems to be executed by daemon, and so if the script is
root-owned it simply won't get executed.

It's not really possible for me to use the cronjob to check if a
version on a central machine has been updated then have it distribute
it to the other sites' servers because the app really needs to be
updated in realtime. All the versions of the app need to be the same
for all sites.

Is it possible for a root-owned script to be executed somehow (through
whatever mechanism) by a normal user. How the script does the fetching
and distributing is not a massive problem if it's run by root after
all.

Sorry if I've left any essential background information out, I suspect
I might've since this question was composed in a bit of a hurry! Any
ideas would be very much appreciated. Feel free to cc any suggestions
to my email address because I might not be able to check the newsgroup
the next few days.

Many thanks,

Mark

Relevant Pages

  • Re: Can a normal user somehow execute a root-owned script?
    ... His app used to be served from his own machine on the ... > servers on local locations. ... > script that is supposed to take the newer version from the guys ... RBAC for Solaris 8 or 9. ...
    (comp.unix.solaris)
  • Re: Passed arguments not being passed to target script
    ... > The debug statements include a write to text file after the execute ... I don't see any issue with either script. ... sp2 as they do on one of your w2k sp4 servers. ... the scripts are local to each server and that you execute ...
    (microsoft.public.scripting.wsh)
  • EVENT ID:1000, SOURCE: USERINIT ERROR
    ... the MSKB site. ... "could not execute the following script ... Also my logon.bat script works just fine with my ... servers and PC's, but on every PC and server I get that error msg. ...
    (microsoft.public.win2000.general)
  • Re: How to setup database in VS Setup project?
    ... I would like the script to run. ... I made a console app that runs the ... The command windows pops up real quick, ... The difference is that you need to execute one batch at a time. ...
    (microsoft.public.dotnet.general)
  • Re: How do I simulate Ctrl+Alt+Del?
    ... Do you means that your script really need to interact with the UI? ... >I need to execute some tasks on my servers during night. ... > windows session to be open. ...
    (microsoft.public.win2000.general)