[sudo-users] How userA can run userB's script
Matthew Stier
Matthew.Stier at us.fujitsu.com
Tue Apr 28 10:41:43 EDT 2009
Todd C. Miller wrote:
> In message <20FCEE8F-485C-4227-B823-F823BBE55827 at filemaker.com>
> so spake (erwin_hom):
>
>
>> There is a setting in sudoers which lets you use the target user's
>> password, i.e.
>>
>> Defaults targetpw
>>
>> But it seems to be a default behavioral change of 'sudo' that affects
>> every users, not just userA, right?
>>
>
> Correct. However, you can bind that option specifically to userA.
> E.g.
>
> Defaults:userA targetpw
>
> and then whenever userA runs sudo he/she will need to use the
> password of the user the command is being run as.
>
> - todd
But that's the problem with changing this default. It applies to all
commands that userA runs. UserA will need to know the password of every
account (s)he will running a command as.
Running a command as userB will require userB's password. Running a
command as userC, will require userC's password. Running a command as
root will require root's password.
As long as this is not an issue ....
More information about the sudo-users
mailing list