[sudo-users] running a script in a specific directory as root

[larry prikockis]

I have a need for users to be able to run certain scripts located in
subdirectories of /net/common (e.g.,
/net/common/installation/test/myScript.sh) as root using sudo.

by adding a line like:

bob	ALL=/bin/sh /net/common/installation/*

to sudoers

Bob can log in, and execute 'sudo sh
/net/common/installation/test/myScript.sh' with no problem.

However, is there a way to all Bob to simply change to the
/net/common/installation/test directory and then execute:

'sudo ./myScript.sh' without specifying the full path?

Obviously, I don't want to simply allow users to run e.g., "myScript.sh"
from any directory as root since then there would be no way to prevent
someone from creating a script called "myScript.sh" that contained
commands I *don't* want a user running as root.

The idea is that most users have only read access to
/net/common/installation/*

Any thoughts on how to make it less cumbersome for users (i.e., not
requiring them to type the full path when they're already in the same
directory as the script) while still retaining control over the location
of the script being executed with root privs.?

thanks for any help...

-- 
Larry J. Prikockis
System Administrator
240-965-4597 (direct)
lprikockis at vecna.com
www.vecna.com

Vecna Technologies, Inc.
6404 Ivy Lane
Suite 500
Greenbelt, MD 20770
Phone: 240-965-4500
Fax: 240-547-6133
Better Technology, Better World (TM)

The contents of this message may be privileged and confidential.
Therefore, if this message has been received in error, please delete it
without reading it. Your receipt of this message is not intended to
waive any applicable privilege. Please do not disseminate this message
without the permission of the author.