Allow user to execute a shell script without seeing its contents?

shell-script setuid

If you need your solution to work as is, a simple hack would be to use a short C program instead of a shell script:

int main(){
setuid(geteuid());
system("/path/to/send-incoming-email.sh");
}

And have that setuid, thus avoiding the race condition, and at the same time allowing you to pass off execution of the script as root.

This isn't the best solution, by far, but it will solve the problem as described.


Linux will ignore the setuid bit for shell scripts to avoid possible race-conditions.

The "proper" way of sending email on Unix/Linux systems is to configure a MTA such as Postfix, Exim4 or Sendmail and let it handle the SMTP authentication mess. There also are "relay-only" MTAs - esmtp, msmtp, ssmtp. All of these can do SMTP relaying ("smarthost") with authentication, for example, through Gmail servers. It becomes trickier on a multi-user machine, but still doable.

(When a MTA is configured, sending an email is done by passing the data to /usr/sbin/sendmail rcpt@address.)

Related

Producing a udp stream delay with ffmpeg
Why won't my computer boot?
Setting Deny Permissions with ICACLS on "This Folder"
Google Chrome Sync extension preference
how to save custom data into header in movie file using ffmpeg?
How can I disable internet for a specific interface in Windows 7?
RTL8821CE DKMS driver will not work with secure boot enabled
Wifi on Dell Latitude 3340 cannot be enabled after installing Ubuntu 15.10
How to automatically load and unload .env file with variables
Sudo crontab -e vs crontab -e running command as sudo
How to make a pen drive as a RAM in an Ubuntu operating system
How to use Korean (hangul) and a virtual keyboard / onboard?