restricted chmod - follow up

Smith, Kevin (CAP, GCF) Kevin.Smith3 at gecapital.com
Tue Mar 21 06:38:53 EST 2000


Roger,

This causes a syntax error in /etc/sudoers to be displayed.
However, as the call to chmod is checked for octals in the callng script it
does not cause a problem
One more for the 'wrapper' library I think!

Regards

Kev Smith 
GCF Unix technical support
Kingswood, Bristol, UK
[44] (0)117 991 2645

-----Original Message-----
From: Roger McCalman [mailto:r.mccalman at elsevier.co.uk]
Sent: Tuesday, March 21, 2000 9:30 AM
Cc: 'sudo-users at courtesan.com'
Subject: Re: restricted chmod - follow up


What happens with things like u+s,g+s ?

Cheers, Roger

On Tue, Mar 21, 2000 at 09:32:11AM +0100, Smith, Kevin (CAP, GCF) wrote:
> All,
> 
> Many thanks to those who responded to my enquiry regarding running a
> restricted chmod. {Emil & Matt}
> 
> I have found that
> 
> !/bin/chmod [1-4]??? * in /etc/sudoers
> 
> Appears to work. Basically I wanted to stop users from setting the
> sticky/setuid bit on a file.
> Upon testing, normal chmod using any octal works and any 'other' bit
setting
> [between 1 and 4] fails
> 
> Regards
> 
> Kev Smith 
> GCF Unix technical support
> Kingswood, Bristol, UK
> [44] (0)117 991 2645



More information about the sudo-users mailing list