[sudo-users] Restricting characters in sudo commands

Paul Stepowski p.stepowski at qut.edu.au
Thu Jun 15 02:03:46 EDT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi list,

I'm trying to restrict access to the 'mkdir' command so a user can only create a
directory in the specified subdirectory. e.g

testuser testhost.example.com = (root) /bin/mkdir /tmp/[A-z0-9]*

This works but it still allows a user to specify additional directories after
the first /tmp directory.

e.g. sudo mkdir /tmp/testA testB

will allow the user to create other directories, owned as root, anywhere on the
file system.  How can I configure sudo so mkdir can only be fed one directory
name to create?  Is this even possible with sudo?

Thanks,

Paul

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFEkPhB4qOLghPAuV0RAhHAAKCdJzKo9iL7Yci3ClC2pc+Q8acX6ACg2XfZ
wIMGHUs8aJcC88yEZeckmg8=
=QgxA
-----END PGP SIGNATURE-----



More information about the sudo-users mailing list