[sudo-users] php edit of sudoer file
JR Aquino
JR.Aquino at citrix.com
Sat Dec 15 17:32:09 EST 2012
Consider FreeIPA, takes the sting out of coding your own custom sudo / authentication setup and has a lot of security features baked in.
http://freeipa.org/page/Main_Page
"Keeping your head in the cloud"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jr Aquino
Sr. Information Security Specialist, Technical Operations
Sans: GXPN, GCIH, GWAPT
T: +1 805 690 3478 | M: +1 805 717 0365 | F: +1 805 403 9399
Jr.Aquino at citrix.com<mailto:Jr.Aquino at citrix.com>
Powering mobile workstyles and cloud services
On Dec 14, 2012, at 2:40 PM, "Robert Lefebvre" <robert.r.lefebvre at gmail.com<mailto:robert.r.lefebvre at gmail.com>> wrote:
I had started building a php script that would have enabled logged in
teachers to use a php script that would modify the etc/shadow file to
temporarily deactive errant students as users. I couldn't get my script to
write to the file until I realized it was a permissions issue. I don't want
to leave the permissions changed so another approach would be to make php a
user in the sudo group so it could write to the shadow file. Some warned
that php was not that secure, that I shouldn't give it sudo rights and, so,
instead should create an LDAP server.
Does this group have any thoughts on this idea of making php a sudo user?
Thanks
--
BungeeBones.com<http://BungeeBones.com> - A B2B Link Exchange - Free Links in limited locations -
human edited and reviewed - Networked online advertising business
opportunities available through our free, distributed web directory script
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws<mailto:sudo-users at sudo.ws>>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list