[sudo-users] Dynamic sudo configuration to restrict users
pottmi at gmail.com
Mon Dec 4 17:08:14 EST 2006
Use a wrapper script.
here is why:
1) with a wrapper script you can do a lot more checking, and produce a lot
friendly error messsages.
2) SUDO_USER is available to the script
3) You can do additional error checks such that the input does not contain
For instance, if the rule that you are trying to implemented worked, a user
could do this:
sudo cp /home/myuser/tmp/passwd /somepath/../etc/passwd
To overlay your password file.
On 12/4/06, Jaouich.Cyril at hydro.qc.ca <Jaouich.Cyril at hydro.qc.ca> wrote:
> Here is what I am hoping to do. I would like to restrict a command such
> as cp in this manner:
> Cmnd_Alias CP_EX =/usr/bin/cp /USER_HOME_DIR/* /some_path/*
> USER_HOME_DIR would get replaced by the realuser's home. I have tried
> with different ENV variables such as SUDO_USER with no luck.
> Any ideas?
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
More information about the sudo-users