|Perl: the Markov chain saw|
Re: Re: Re: Re: Executing Root Commands from user levelby arhuman (Vicar)
|on Jan 18, 2002 at 21:10 UTC||Need Help??|
Either I miss somthing either you ignore that sudo can be configured to grant precise/limited access to some prog.
Here I allow user1,user2,user3 (WEBMASTERS's sudo group) to use apachectl
Here I allow user2,user3 (SYSADMINS's sudo group) to use the ueber-elite /bin/wiz command
Here I allow user4 (DUMBUSERS's sudo group) to use the /bin/blah (I really don't trust him ;-)
If an intruder compromise the user4 account he can't do more than executing /bin/blah.
Sudo offer tons of other features (ask for passwd, execute under other UID...).
You really should give it a try...
"Only Bad Coders Code Badly In Perl" (OBC2BIP)