Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re: Re: Re: Re: Re: Executing Root Commands from user level

by Masem (Monsignor)
on Jan 18, 2002 at 21:31 UTC ( #139875=note: print w/replies, xml ) Need Help??

in reply to Re: Re: Re: Re: Executing Root Commands from user level
in thread Executing Root Commands from user level

Ok, I've seen versions of sudo (maybe thrown together for a specific system) that lack the fine grained control that the modern versions of sudo appear to have, and that turned me off to the use of sudo in favor of other fine-grained solutions.

But you and I both have the same message: security (in general, and in this case) means to only allow specific cases to be accepted, instead of denying general cases, as it's more likely to find a hole in those general cases that will break your security than in the former case. So if the original poster does use sudo, make sure to set up the sudo table as arhuman as indicated to make sure only those that need to restart apache have the ability to do so , and only that ability. And this would require no extra special script or the like, just the line that is above in the sudo configuration file.

Dr. Michael K. Neylon - || "You've left the lens cap of your mind on again, Pinky" - The Brain
"I can see my house from here!"
It's not what you know, but knowing how to find it if you don't know that's important

  • Comment on Re: Re: Re: Re: Re: Executing Root Commands from user level

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://139875]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (5)
As of 2017-03-26 17:12 GMT
Find Nodes?
    Voting Booth?
    Should Pluto Get Its Planethood Back?

    Results (315 votes). Check out past polls.