[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Sudo from scripts



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jerry Feldman wrote:

> Giving root ownership to a script IMHO is a security issue.

this is true. i have always wondered why nothing has ever been coded to check
'chown' to insure that such is only done by those who have proper authority.

> Actually, the backup 
> script probably should have been run as root via a root crontab in the 
> first place.

many times, backups need be run by a 'user', but they should only be allowed
to back up their own files.

yet there is a big hole in that 'user' can backup a lot of 'system' files.
another problem and potential breach of security. i hope that such as this
would be covered by selinux, but i do not believe it has.
- --
peace out.

tc,hago.

g
.

in a free world without fences, who needs gates.

learn linux:
'Rute User's Tutorial and Exposition'   http://rute.2038bug.com/index.html.gz
'The Linux Documentation Project'   http://www.tldp.org/
'LDP HOWTO-index'   http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge'   http://howtoforge.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org

iD8DBQFJIa0V+C4Bj9Rkw/wRAhYWAKCEF9S+VCD7Gp7aL7dvxGx2ScR+ggCgovHM
yJcE/SRG8OJdp+SIwfqIZxk=
=Dk+N
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]