Sudo from scripts
g
geleem at bellsouth.net
Mon Nov 17 17:42:45 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jerry Feldman wrote:
> Giving root ownership to a script IMHO is a security issue.
this is true. i have always wondered why nothing has ever been coded to check
'chown' to insure that such is only done by those who have proper authority.
> Actually, the backup
> script probably should have been run as root via a root crontab in the
> first place.
many times, backups need be run by a 'user', but they should only be allowed
to back up their own files.
yet there is a big hole in that 'user' can backup a lot of 'system' files.
another problem and potential breach of security. i hope that such as this
would be covered by selinux, but i do not believe it has.
- --
peace out.
tc,hago.
g
.
in a free world without fences, who needs gates.
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org
iD8DBQFJIa0V+C4Bj9Rkw/wRAhYWAKCEF9S+VCD7Gp7aL7dvxGx2ScR+ggCgovHM
yJcE/SRG8OJdp+SIwfqIZxk=
=Dk+N
-----END PGP SIGNATURE-----
More information about the users
mailing list