sudo /bin/su nobody

Todd C. Miller Todd.Miller at
Tue Sep 24 12:05:59 EDT 2002

I still don't see why you can't just use sudo and avoid su altogether.
That may mean allowing the user to run any command as nobody via
sudo but that is certainly no worse than allowing the user to run
su.  The example you quote would have to be wrapped via "sh -c"
but that's no big deal, e.g.

sudo -u nobody sh -c \
	"/usr/java/j2sdk1.4.0_01/bin/java -cp /tmp/$PPID Main $args" < \
	$input 2>&1 | \
	awk '{ gsub (/&/, "\\&"); gsub (/</, "\\<"); gsub (/>/, "\\>"); print; }'

 - todd

More information about the sudo-users mailing list