[sudo-users] mysqldump without sh -c ?

Jordi Espasa Clofent jespasac at minibofh.org
Wed Aug 12 11:53:24 EDT 2009

Todd C. Miller escribió:
> If the only reason you are using sudo for this is to write to
> /parh/backup_db/backup.sql, why not just make the file (or directory)
> writable by a group that the support people are in?  Then you
> wouldn't need to use sudo at all...
>  - todd

My main problem is I've configured sudo to allow all and restrict only 
some commands,  and the more secure (and correct) policy should be to 
deny all by default and allow the needed commands only. I'm working on 
this now.

Jordi Espasa Clofent

More information about the sudo-users mailing list