[sudo-users] Re: restrict passwd command
Mark F
mfaine at knology.net
Tue Nov 22 12:59:57 EST 2005
Ladner, Eric (Eric.Ladner) wrote:
> You might be better off just leaving the suid bit on the passwd command.
>
> I don't think the sudoers file macros and wildcarding can do that type
> of substitution.
>
> E
>
> -----Original Message-----
> From: sudo-users-bounces at courtesan.com
> [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Mark F
> Sent: Tuesday, November 22, 2005 11:45 AM
> To: sudo-users at sudo.ws
> Subject: [sudo-users] restrict passwd command
>
> Our policy restricts setuid to as little as possible usage. I've
> removed the setuid permissions from the /bin/passwd as I thought I could
> use it with sudo instead.
>
> I'd like to allow any user to run passwd but only with an argument that
> is their username.
>
> Is this possible? or is there a better way?
>
> thanks,
> -Mark
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws> For list information,
> options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
>
>
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
>
What about a wrapper script that uses $SUDO_USER ?
Thanks,
-Mark
More information about the sudo-users
mailing list