[sudo-users] sudo and friends
Stanley, Jon
Jon.Stanley at savvis.net
Thu Jan 18 10:38:48 EST 2007
Almost right:
user ALL=(root) <command>.
There is a problem with /usr/bin/vi, as it's trivial in vi to do a shell
escape and the user could do anything they wanted as root. If you trust
the user with root, then that's not a huge problem.
>-----Original Message-----
>From: sudo-users-bounces at courtesan.com
>[mailto:sudo-users-bounces at courtesan.com] On Behalf Of jan kalcic
>Sent: Thursday, January 18, 2007 9:50 AM
>To: sudo-users at sudo.ws
>Subject: [sudo-users] sudo and friends
>
>Hi people,
>
>I need to give access to all files under /etc/samba/* to a user using
>sudo. I want him to be able to modify to all those files using vi and I
>also want him to use the script /etc/init.d/smbd and nmbd with option
>"status" only.
>
>user ALL=/usr/bin/vi /etc/samba/*
>user ALL=/etc/init.d/smbd status
>user ALL=/etc/init.d/nmbd status
>
>Is this configuration right or I've not understood nothing about sudo?
>
>Regards,
>Jan
>
>____________________________________________________________
>sudo-users mailing list <sudo-users at sudo.ws>
>For list information, options, or to unsubscribe, visit:
>http://www.sudo.ws/mailman/listinfo/sudo-users
>
More information about the sudo-users
mailing list