Ideas for ssh / sudo

Brent n9bc at netnet.net
Tue Oct 10 15:19:10 EDT 2000


Thanks for the input. I was thinking about the webpage idea. But I'd
rather not have a web server running on that machine. If you can think
of anything else let me know.

-Brent


> In a message dated: 11 Oct 2000 00:41:36 +0600
> Brent said:
> 
> >I have a problem that maybe someone on the list can help me out on.
> >I need a to set up my sales guys to be able to addemail aliases on a
> >server which they don't have accounts on. I was planning on useing sudo
> >and ssh to do it. If anyone has done this or something close to it.
> >Please drop me a email with any ideas or problems that you ran into. 
> 
> Well, you could easily let them do something like:
> 
>       sudo <some priv. account> ssh <restricted system>
> 
> However, they are then logged into that system as that user and have all the 
> priviledges of that users.  What I would recommend is either create them
> each accounts on that server which have the right to edit the aliases file,
> or, better yet, what I would do here, is set up a web page they must log into
> which asks them for an alias name and a list of user names/e-mail addresses
> to add to the list, then have the web server kick off the update of the 
> aliases file.  Though there is a certain level of insecurity in that as well.
> 
> Thinking about it, it may be better to set up something like majordomo or 
> mailman and give them admin priviledges to certainn mail lists.  That way they 
> can update it to their hearts content.
> 
> If I come up with anything else, I'll post it here :)
> -- 
> Seeya,
> Paul
> ----
>          I'm in shape, my shape just happens to be pear!
> 
>        If you're not having fun, you're not doing it right!
> 
> 




More information about the sudo-users mailing list