[sudo-users] Distributing the sudoers file using rsync as a non root user
Martin Schröder
ms at artcom-gmbh.de
Fri Oct 1 03:49:14 EDT 2004
On 2004-09-30 21:00:43 -0700, Paul M. Lambert wrote:
> >This can be controlled a bit by setting options in
> >~/.ssh/authorized_keys
>
> authorized_keys can only control what command is run. in this case,
> that command is rsync, and it can write to any file it has write
> privileges to. running it as root gives it write privileges to every
> file, so it can essentially do anything it wants.
But authorized_keys can control the hosts which are allowed to login
with a key and can diable any interactive shell-access for a key.
This still allows writes with rsync from these hosts; but they can
be trusted not to do this.
Best regards
Martin
--
Martin Schröder, ms at artcom-gmbh.de
ArtCom GmbH, Lise-Meitner-Str 5, 28359 Bremen, Germany
Voice +49 421 20419-44 / Fax +49 421 20419-10
http://www.artcom-gmbh.de
More information about the sudo-users
mailing list