[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Intent to package runas...



On Tue, Sep 08, 1998 at 02:04:48AM -0700, Philippe Troin wrote:
> Michael Bramer wrote:
> 
> > Hello
> >
> > From the Readme:
> > #         Runas is a program that allows the super-user to run a program as if
> > # an ordinary user ran it. There are two main uses for runas, and both relate
> > # to security.
> > #
> > #         One is to allow the super-user to execute a binary given by an
> > # un-trusted user. Suppose the program is /usr/smith/program. The super-user
> > # simply creates a dummy account, say one called 'nobody' which doesn't have
> > # sufficient privileges to do any harm (the account needn't have login
> > # capability). The super-user can then do:
> > #
> > # 'runas nobody /usr/smith/program'
> 
> Out of my head, this is a runas clone:
>     #!/bin/sh
>     user=$1
>     shift
>     exec su -c "'$@'" $user


but only a clone :-)
see runas --help:
  Usage:
  runas [ options ] [ -- ] user_name executable [ param1, param2, ... ]

  The following options are available:
     -d directory   Set the initial directory
     -c directory   Set the root directory
     -g             Run in own process group
     -p number      Adjust priority (-20 = max, 20 = min)
     -i filename    Redirect input from file
     -o filename    Redirect output to file
     -e filename    Redirect errors to file

  Order of execution is:
    Change group, change directory, redirect, change root,
    establish process group, set priority, change user id, execute.

  RunAs -- Version 1.01 -- Copyright (C) 1994 -- S. Joel Katz

Grisu
-- 
Michael Bramer - a Debian Certified Linux Developer        http://www.debian.org
PGP: finger grisu@master.debian.org   --   Linux Sysadmin   --  Use Debian Linux
"Now let me explain why this makes intuitive sense."  --- Prof. Larry Wasserman

Attachment: pgpOyw4PfZKT3.pgp
Description: PGP signature


Reply to: