Richard_Wright at irco.com
Thu Dec 12 09:27:21 EST 2002
One thing that I have not seen mentioned.
If you put a line into the aliases file like
then changes to the file /etc/mail/test.list will take effect immediately
without having to run the newaliases command.
The newaliases command only needs to be run for changes to the
/etc/mail/aliases file itself.
<emil.isberg at md To: mlh at zip.com.au
s.mdh.se> cc: sudo-users at sudo.ws
Sent by: Subject: Re: list management
n at sudo.ws
On Wed, 11 Dec 2002 mlh at zip.com.au wrote:
>Sudo is always an alternative to a setuid program.
Yes, sudo is an alternative to a setuid application, but not that good one
when it comes to noninteractive programs.
And I generally dislike scripts that are run from webpages...
Seldom I see proper security in those...
(There are many reasons behind that you can't do setuid scripts in modern
If you follow a simple guideline like KISS (keep it simple, stupid) then
it is much easier to get proper security without lacking needed
I think sudo is great, ofcourse I do... And I use it for most things I can
A similar sudo configuration as that program would give:
prompt$ cat script1
[ -z "$1" -o -z "$1" ] && echo 'Usage: script1 <alias> <target>' && exit
exec sudo /path/to/script2 "$1" "$2"
prompt$ cat script2
[ -z "$1" -o -z "$1" ] && echo 'Usage: script2 <alias> <target>' && exit
echo "$1": "$2" >> /path/to/aliasfile
prompt$ cat sudoconfig
nobody ALL = (root) /path/to/script2
It's still simple... But it's three processes involved instead of one.
Or perhaps you could use just two processes (by skipping the first
Most times there is more than one solution to a given problem.
I suggested two solutions that didn't involve sudo... And now I've
supplied one that does involve sudo...
Your program is sick! Shoot it and put it out of its memory.
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
More information about the sudo-users