Re: central administration techniques

To: Juha Jäykkä <juolja@utu.fi>
Cc: debian-security@lists.debian.org
Subject: Re: central administration techniques
From: Tomasz Papszun <tomek@lodz.tpsa.pl>
Date: Fri, 19 Oct 2001 17:27:28 +0200
Message-id: <20011019172728.E29630@lodz.tpsa.pl>
In-reply-to: <Pine.SOL.4.30.0110191725030.23294-100000@alya.utu.fi>; from Juha Jäykkä on Fri, 19 Oct 2001 at 17:54:28 +0300
References: <Pine.SOL.4.30.0110191725030.23294-100000@alya.utu.fi>

On Fri, 19 Oct 2001 at 17:54:28 +0300, Juha Jäykkä wrote:

[...]
> case, which is the safest option? Currently I am considering
> configuring sudo to enable the admin user to execute a single script
> (mods 0700) without a password or just chmod that script 4700. I am not
                                                    ^^^^^^^^^^^
> certain about the first, but the latter would be as secure as my
> connection (ssh2) and my real password. The real password being broken
[...]
> 3. Break into one of the other machines, use the suided script to
                                                   ^^^^^^^^^^^^^

I can't answer your questions - I know too little. Just one remark:
AFAIK, Linux doesn't support suided shell scripts. At least it didn't do
that a few years ago when I tried to use a suided script. I haven't
checked that since then.

Hope it helps
--
 Tomasz Papszun   SysAdm @ TP S.A. Lodz, Poland  | And it's only
 tomek@lodz.tpsa.pl   http://www.lodz.tpsa.pl/   | ones and zeros.

Reply to:

Follow-Ups:
- Re: central administration techniques
  - From: Juha Jäykkä <juolja@utu.fi>

References:
- central administration techniques
  - From: Juha Jäykkä <juolja@utu.fi>

Prev by Date: central administration techniques
Next by Date: Re: central administration techniques
Previous by thread: central administration techniques
Next by thread: Re: central administration techniques
Index(es):
- Date
- Thread