[sudo-workers] [sudo-users] Installing Application without fullsudo privilege
Olvera Peralta Edgar Alfredo
edgar.olvera at bbva.bancomer.com
Fri Feb 13 13:24:07 EST 2009
>From a security point of view that's not recommended. Someone could
create a malicious script called "root.sh" in any directory and you'd be
allowing to run it as root. That is a serious risk.
De: sudo-workers-bounces at courtesan.com
[mailto:sudo-workers-bounces at courtesan.com] En nombre de Asif Iqbal
Enviado el: Viernes, 13 de Febrero de 2009 11:17 a.m.
Para: Makarand Dongare
CC: sudo-users at sudo.ws; sudo-workers at sudo.ws
Asunto: Re: [sudo-workers] [sudo-users] Installing Application without
On Fri, Feb 13, 2009 at 11:43 AM, Makarand Dongare <mmdongare at gmail.com>
> First thing is that Oracle does not need to be installed as root.
> There are couple of scripts that need to be run as rootpre.sh or
> root.sh. Once you do that for app team, they do not need root access
> for anything.
> If you want to give them root access to run those scripts then give it
> oracle servername=(root) full-path-for-command
What if the path name is differnet for different env? Can I do it like
this /*/root.sh for path?
> Hope this helps.
> Makarand Dongare
> On 2/13/09, Asif Iqbal <vadud3 at gmail.com> wrote:
>> Hi All
>> My application team needs to install Oracle on hosts. They are asking
>> for full sudo privilege, so that they can install app as root.
>> Is there a lesser privilege that you can suggest then
>> user ALL=(ALL) ALL
>> Asif Iqbal
>> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
>> A: Because it messes up the order in which people normally read text.
>> Q: Why is top-posting such a bad thing?
>> sudo-users mailing list <sudo-users at sudo.ws>
>> For list information, options, or to unsubscribe, visit:
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
sudo-workers mailing list <sudo-workers at sudo.ws>
For list information, options, or to unsubscribe, visit:
More information about the sudo-workers