[CS-FSLUG] Script Security WAS: SHELP!!!
Josiah Ritchie
jritchie at bible.edu
Thu Jul 22 13:33:58 CDT 2004
On Thu, 2004-07-22 at 12:00, Tim Young wrote:
> Of course, allowing someone to have permission to sudo a bash shell is
> basically allowing them to have root access. :)
>
> The better way is to have a bash script that runs that you can give them
> sudo access to.
Couldn't you give it sticky permissions and set the owner to someone who
had sudo access? You would of course remove write and read permission
and limit to x permissions. Is that not also acceptable?
This brings to mind an entirely different issue., any user could write
their own script, set the permissions then give ownership to a user that
has sudo permissions. Then they could run it, even if they couldn't
delete it and re-write it. Surely this has been solved as its far too
trivial. Anyone know how?
JSR/
More information about the Christiansource
mailing list