mlh at zip.com.au
Sat Mar 23 23:00:20 EST 2002
Matthew Hannigan wrote:
> Douglas De Vine wrote:
>> my sudoers file:
>> root ALL=(ALL) ALL
>> www ALL = NOPASSWD: ALL
>> my command, run as 'www':
>> /usr/bin/sudo echo "Hello" >> /tmp/hosts
>> the error:
>> bash: /tmp/hosts: Permission denied
>> the file permissions:
>> -rw-r--r-- 1 root nobody 30 Mar 23 14:26 hosts
> [ ... ]
> A surefire way and much safer way to make it work would
> be to that entire command in a shell script and only allow
> www to execute that shell script.
Doug wrote back to me to say the surefire way worked.
I'd also like to add that I think the Apache "suexec"
feature does the same thing, with some limitations.
You may be better off using that feature if you're using Apache.
More information about the sudo-users