Re: Administration question

To: David_Neuer@stream.com, debian-user@lists.debian.org
Subject: Re: Administration question
From: stick@richnet.net
Date: Fri, 15 Aug 1997 18:11:31 -0400 (EDT)
Message-id: <[🔎] m0wzUah-000IRCC@bertha.practical.net>
Reply-to: stick@richnet.net
In-reply-to: <[🔎] 00053D3C.@stream.com> from "David_Neuer@stream.com" at Aug 15, 97 12:17:00 pm

> 
> What would be the best way to enable her to run the shutdown command, without
> creating a giant security hole which might bite me in the @*% should this
> machine ever become a gateway?  My thoughts up to this point:
> 
> 1)  Creating a group consisting of my wife and myself, and doing a setuid and
> chmod 710 on the shutdown command itself, and changing group ownership to the
> group with me and her in it.
> 
Not a bad idea - though anyone who can crack into the system *could* gain
access to this one commend.

> 2)  Creating a group consisting of my wife and myself, and writing a script
> which executes the shutdown command, then setting the ownership for the script
> to root, group ownership on the script to our group, and doing a setuid on just
> the script.
> 
Linux doesn't support suid on scripts - it's *that* big of a security hole!
A wrapper program would be more like it.

> It seems to me that the second option is the best as I don't have to monkey
> around with the permissions on the command.  Is the second any more of a
> security concern than the first, or, as I assume, less?  Say my wife's user
> password is ridiculously easy to guess; do these give the same amount of
> system access to the person who cracks into her account?
> 
> Does anyone know of a better way to do this?
> 
Yes!  Try using sudo or super.  They allow ordinary users to have access to
specific system level programs without monkeying around with permissions.
I've used sudo for a long time and am happy with the access it allows.
Super may be even easier to use, I'm not sure.

Another way that I've seen systems handle this - not advocating it - just
mentioning... is to have a shutdown user (w/ a password of course) that
runs the shutdown command upon login.  If this user has root equivalent
authority (the SCO systems I've seen with this are user=0, group=0...
shudder...) then just logging in will bring the system down.  It's an
option - not a very good one, but an option.

Chuck

-- 
Chuck Stickelman, Owner			E-Mail:	<stick@richnet.net>
Practical Network Design		Voice:	(419) 529-3841
9 Chambers Road				FAX:	(419) 529-3625
Mansfield, OH 44906-1302 USA


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Administration question
  - From: David_Neuer@stream.com

Prev by Date: Re: Unknown PCI device (8086:7100 and others)
Next by Date: Re: missing cua*
Previous by thread: Re: Administration question
Next by thread: Re: Administration question
Index(es):
- Date
- Thread