[sudo-users] How to preserve functions in scripts for calling by sudo?
L. A. Walsh
sudo at tlinx.org
Sat Jun 3 09:07:47 MDT 2017
terry at remote-shell.org wrote:
> As an another oven overlooked option, perhaps configure file system
> permissions is a way that allows you code to run without the need to
> use sudo at all (e.g., dont use explosives to kill that fly.)
>
> Linux ACLs will likely be your tool of choice here.
---
Oh yeah! Since I been using xfs since before it was standard
in the kernel, I'm very familiar with such.
But in my use case, ACL's would permit me to accidently
overwrite things I don't want to overwrite. I.e. I use their
normal "read-only" status as a means to require some 'thinking'
before overwriting something.
That's why its been important to get scripts working
correctly again (to allow minimizing the # lines run as root)
while still keeping checks to prevent unforeseen problems as
root from escalating into commands doing bad things.
Thanks for the tip!
-l
More information about the sudo-users
mailing list