Security question - running a root command not being root
ignored_mailbox at yahoo.com.au
Sat May 20 14:31:43 UTC 2006
>> I need some guys that access my server to run command that only root
>> can, specifically (tcpdump) but i don't want to pass the root password
>> to them.
>> Is there a way i can do this? without violating the "normal" security
>> rules? I mean no changing permissions to the command *tcpdump*.
Vivek J. Patankar:
Don't forget that by allowing sudo you *can* also allow them to do any
command that normally requires root privileges. Do this sort of thing
with care (read the guides, test things yourself thoroughly).
(Currently running FC4, occasionally trying FC5.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the users