Re: Bug#179125: maintainer scripts tries to exec script in /tmp
On Mon, 3 Feb 2003 14:40, Andreas Metzler wrote:
> > I'm not sure how to express the command in a form that will work if
> > $SCRIPTFILE can't be executed directly.
>
> Just guessing:
> su - postgres -c "/usr/bin/perl /tmp/config.151751"
> cu andreas
su should not be used in postinst scripts or daemon start scripts. su wants
access to /etc/shadow and needs special security configuration.
Also for general security it's best for such daemon accounts to not have valid
shells if possible, which precludes su.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: