Re: Sudo question

From: Michael Cheselka (cheselka@LINUX.CACTUS.ORG)
Date: Mon Apr 19 2004 - 11:57:47 EDT

• Next message: Inshan Singh: "Xwindows on an HMC"
• Previous message: Holger.VanKoll@SWISSCOM.COM: "Re: Sudo question"
• In reply to: John Jolet: "Re: Sudo question"
• Next in thread: Holger.VanKoll@SWISSCOM.COM: "Re: Sudo question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You could add the directory to apache and put in an index.html to
list the files you want to let them view.

You wouldn't want them to use, let's say, "less" because they can
spawn an editor; which would be a sub-process and run with "less"'s
permissions.

On Mon, Apr 19, 2004 at 09:20:28AM -0500, John Jolet wrote:
> um, in what way does giving someone "view" with sudo allow overwrite of ANYTHING? maybe use less or more?
>
> -----Original Message-----
> From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
> Holger.VanKoll@SWISSCOM.COM
> Sent: Monday, April 19, 2004 8:33 AM
> To: aix-l@Princeton.EDU
> Subject: Re: Sudo question
>
>
> looks dangerous to me
>
> letting him do view as root will let him overwrite everything in that
> dir, even with Rsh (not rsh!)
> with a bit knowledge he also can overwrite/read everything else
>
> i would let him copy this file to his homedir with sudo; then he can
> view it there

• Next message: Inshan Singh: "Xwindows on an HMC"
• Previous message: Holger.VanKoll@SWISSCOM.COM: "Re: Sudo question"
• In reply to: John Jolet: "Re: Sudo question"
• Next in thread: Holger.VanKoll@SWISSCOM.COM: "Re: Sudo question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:50 EDT