From: Bill Fenwick (bill@digicomp.com)
Date: Tue Nov 12 2002 - 15:58:10 EST
As usual, a quick response from the list. This one leaves me feeling
stupid, or at least overly cautious.
We could use ACL's or RBAC, or we could just assign the same user number
to UserA and UserB... which seems to be working (though probably unsafe!).
Thanks to the following for responding:
Paul Galjan <galjanpa@cmr.gov>
Jed Dobson <jed@wgtech.com>
Mark Bergman <bergman@merctech.com>
Dan <dana@dtn.com
Paul LaMadeleine <plamadeleine@lightbridge.com>
Naxhije Selimaj <nselimaj@mlp.com>
Thomas J. Jones <Thomas_J_Jones@efunds.com>
Glen Ippolito <ippy@optonline.net>
Original question:
> Other than by using sudo, is there a way that one account can be given
> the privileges of and can run programs owned by another account (that
> are not group or world executable)?
>
> We're updating some custom software for a client, and in changing
> versions of the software, we've also changed the name of the account
> from which the programs are run, and hence the ownership of a lot of
> the program files. The client would like to be able to continue
> running the programs from UserA, without having to jump through a lot
> of hoops, even though the programs are now owned by UserB. We don't
> want to make the programs group or world executable, since we only
> want the administrator accounts (like UserB and formerly UserA) to
> have access to this stuff.
>
-- Bill Fenwick Email: fenwick@digicomp.com Digicomp Research Voice: (607) 273-5900 ext 32 _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:16 EDT