[sudo-users] How userA can run userB's script

Matthew Stier Matthew.Stier at us.fujitsu.com
Tue Apr 28 10:41:43 EDT 2009


Todd C. Miller wrote:
> In message <20FCEE8F-485C-4227-B823-F823BBE55827 at filemaker.com>
> 	so spake  (erwin_hom):
>
>   
>> There is a setting in sudoers which lets you use the target user's  
>> password, i.e.
>>
>> Defaults targetpw
>>
>> But it seems to be a default behavioral change of 'sudo' that affects  
>> every users, not just userA, right?
>>     
>
> Correct.  However, you can bind that option specifically to userA.
> E.g.
>
> Defaults:userA targetpw
>
> and then whenever userA runs sudo he/she will need to use the
> password of the user the command is being run as.
>
>  - todd

But that's the problem with changing this default.  It applies to all 
commands that userA runs.  UserA will need to know the password of every 
account (s)he will running a command as.

Running a command as userB will require userB's password.  Running a 
command as userC, will require userC's password.  Running a command as 
root will require root's password.

As long as this is not an issue ....



More information about the sudo-users mailing list