Read permission needed in order to execute a file?

Question

I'm trying to make a simple c-shell like program on C (for Linux) that will execute scripts.

I need to read a script file in order to execute it, but how can I read it if it has only execute permission, and no read permission?

Answer 1

Yes, you need read permissions to execute script.

However, I want to mention one possibility for another_user to run script without having r permission on the file.

You can allow somebody to execute somescript with sudo as another_user that have an r+x access to file. However, you should have an access to /etc/sudoers (i.e., to be root, or ask superuser to add the record from below to etc/sudoers)

# Run script as the user 'another_user' without asking for password
somebody ALL = (another_user) NOPASSWD: /usr/bin/somescript

Solution found at https://unix.stackexchange.com/a/77538 and https://stackoverflow.com/a/21309969/1566267

Answer 2

In short,

• A binary file you can execute with only execute permissions.
• A script is a text file, so you need read permissions.

So, you would need to play some games with group ownership, sudo, or similar.

Answer 3

You don't need read permission in order to execute a file. In fact, if you have read permission, but not execute permission, you can't execute the file. The execute permission allows you to ask the system to execute the script file.

Try with:

system("script.sh");

in order to execute a script (in the example script.sh).

You could also use:

execve("script.sh");

That would run the script replacing your script with the one in the specified script keeping the same pid as your script (as shown here)

Answer 4

The classic way of doing this is to make the wrapper C application setuid root. Root can read everything, regardless of permissions. That comes with a whole bunch of warnings though. Make sure that you're not closing a small security hole by opening a much larger one.