14

Let's say user wants to execute a script test.sh but ls -l test.sh gives

 -rwxrwxr-- 1 root root 96 Feb 25 21:44 test.sh

Now if user doesn't want to make a copy of test.sh (on which he does chmod +x), he can simply do

sh test.sh

to execute test.sh.

Is there an analogue way to execute binary programs which one doesn't have execute permissions?

viuser
  • 2,614
  • 1
    sudo <program> - see man sudo – garethTheRed Feb 25 '16 at 21:09
  • @garethTheRed Doesn't work here for a script file; command not found. – Murphy Feb 26 '16 at 12:23
  • @Murphy - the OP asked for a way to do this with binary programs. – garethTheRed Feb 26 '16 at 13:20
  • @garethTheRed Tried it with a local copy of chmod, same result when the exec bits are unset. Perhaps this behaviour is controlled by a sudo setting? – Murphy Feb 26 '16 at 13:23
  • @Murphy - assume -rwxrwxr-- root root 86 Feb 25 21:44 test in /usr/bin. User doe doesn't have execute permission for this, but can run it with sudo test. Or have I misread the question? – garethTheRed Feb 26 '16 at 14:37
  • @garethTheRed No, you didn't, and the fault is entirely on my side. I assumed the file is completely missing the exec flags for all access groups, and some others (@MelBurslan) too, it seems. Of course sudo should be absolutely valid for the OPs case. Shouldn't your contribution be an answer, then? – Murphy Feb 26 '16 at 14:47

2 Answers2

17

Basically this is the same thing as one of the very famous UNIX technical interview questions, known for ages:

Assume someone with root access ran a command chmod -R 444 / and made the chmod binary non-executable. How do you recover from it ?

There is a perl answer and there is this one, which basically is running a non-executable program, chmod in this case:

/lib/ld-linux.so /bin/chmod +x /bin/chmod

I think you can apply it to any other program that you know is executable. Otherwise be ready to embrace the disaster, which may ensue

PS> /lib/ld-linux.so might differ in name. So if the direct match is not available, look around for similarly named so's. For instance on my CentOS 6 server, it is /lib/ld-linux.so.2 which is a symlink pointing to /lib/ld-2.12.so. So, your mileage may vary.

MelBurslan
  • 6,966
  • 8
    Well, if you did a chmod -R 444 /, then /lib/ld-linux.so won't be executable either. If your (still running) shell is zsh, you can do zmodload zsh/files which gives you a builtin chmod. If it's ksh93, you can do command /opt/ast/bin/chmod to get a builtin chmod as well. – Stéphane Chazelas Feb 25 '16 at 21:28
  • 4
    Note that the ld-linux.so trick only works for dynamically linked programs. – Stéphane Chazelas Feb 25 '16 at 21:32
  • /lib/ld-linux.so.2 /bin/ls /bin/ls: error while loading shared libraries: /bin/ls: wrong ELF class: ELFCLASS64 – viuser Feb 26 '16 at 05:38
  • @viuser The command worked for me, and file returns the same ELF format on both files. – Murphy Feb 26 '16 at 14:12
  • 2
    @viuser try /lib/x86_64-linux-gnu/ld-2.19.so /bin/ls instead. The version in /lib is for 32-bit executables. – doneal24 Feb 26 '16 at 16:06
  • I got error Standalone execution is not enabled – Abhi747 Apr 03 '23 at 16:20
-1

If the user doesn't have execute permission and cannot or is not willing to have it changed, then they must execute it as a group or user who does have execute permission.

If they know the root password then:

su -c <executable>

If they don't know the root password, but are trusted with sudo then:

sudo <executable>

If they don't know the root password and are not trusted with sudo privileges, then there is a reason why they should run the executable.

garethTheRed
  • 33,957