From the bash manpage on a 16.04 system:
Code:
If the shell is started with the effective user (group) id not equal to
the real user (group) id, and the -p option is not supplied, no startup
files are read, shell functions are not inherited from the environment,
the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE variables, if they
appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation,
the startup behavior is the same, but the effective user id is not
reset.
and later
Code:
executed. If the -p option is given, the search for command is
performed using a default value for PATH that is guaranteed to
find all of the standard utilities.
and later
Code:
-p Turn on privileged mode. In this mode, the $ENV and
$BASH_ENV files are not processed, shell functions are
not inherited from the environment, and the SHELLOPTS,
BASHOPTS, CDPATH, and GLOBIGNORE variables, if they
appear in the environment, are ignored. If the shell is
started with the effective user (group) id not equal to
the real user (group) id, and the -p option is not sup‐
plied, these actions are taken and the effective user id
is set to the real user id. If the -p option is sup‐
plied at startup, the effective user id is not reset.
Turning this option off causes the effective user and
group ids to be set to the real user and group ids.
I've written setuid-root programs a few times. Always follow the best practices, especially when using shell scripts. Definitely capture any signals and have a good cleanup routine. Never called a script from mine, however.
Can you show the 'system()' call from the code?
Bookmarks