list management

Richard Wright Richard_Wright at irco.com
Thu Dec 12 09:27:21 EST 2002 

One thing that I have not seen mentioned.
If you put a line into the aliases file like
"test_mail:      :include:/etc/mail/test.list"
then changes to the file /etc/mail/test.list will take effect immediately
without having to run the newaliases command.

The newaliases command only needs to be run for changes to the
/etc/mail/aliases file itself.

Richard Wright



                                                                                                                     
                                   Emil Isberg                                                                       
                                   <emil.isberg at md  To:  mlh at zip.com.au                                              
                                   s.mdh.se>        cc:  sudo-users at sudo.ws                                          
                                   Sent by:         Subject:     Re: list management                                 
                                   sudo-users-admi                                                                   
                                   n at sudo.ws                                                                         
                                                                                                                     
                                                                                                                     
                                   12/11/2002                                                                        
                                   05:37 AM                                                                          
                                                                                                                     
                                                                                                                     
                                                                                                                     
                                                                                                                     




On Wed, 11 Dec 2002 mlh at zip.com.au wrote:
>Sudo is always an alternative to a setuid program.

Yes, sudo is an alternative to a setuid application, but not that good one
when it comes to noninteractive programs.

And I generally dislike scripts that are run from webpages...
Seldom I see proper security in those...
(There are many reasons behind that you can't do setuid scripts in modern
operating systems.)

If you follow a simple guideline like KISS (keep it simple, stupid) then
it is much easier to get proper security without lacking needed
functionality.

I think sudo is great, ofcourse I do... And I use it for most things I can
think of...

A similar sudo configuration as that program would give:

prompt$ cat script1
#! /bin/sh

[ -z "$1" -o -z "$1" ] && echo 'Usage: script1 <alias> <target>' && exit

exec sudo /path/to/script2 "$1" "$2"
prompt$ cat script2
#! /bin/sh

[ -z "$1" -o -z "$1" ] && echo 'Usage: script2 <alias> <target>' && exit

echo "$1":           "$2" >> /path/to/aliasfile
newaliases
prompt$ cat sudoconfig
nobody          ALL = (root) /path/to/script2
prompt$

It's still simple... But it's three processes involved instead of one.
Or perhaps you could use just two processes (by skipping the first
script)...

Most times there is more than one solution to a given problem.
I suggested two solutions that didn't involve sudo... And now I've
supplied one that does involve sudo...

--
Your program is sick!  Shoot it and put it out of its memory.

____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users

More information about the sudo-users mailing list