
Re: Administration question



David_Neuer@stream.com wrote:
> 
> I am running a Debian system right now as a web development staging server.  At
> present, it is only on a local network, but could conceivably become a gateway
> to the Internet as well.  So for the time being, it is basically a two-user
> system (me and my wife).
> 
> I am teaching my wife to do web development, and would like her to be able to
> use the Linux system.  This includes having her be able to shut the system down
> when she's done using it (we can't afford to leave this old 486 system running
> without a pretty heavy subsidy from the electric co!).  My wife is not a real
> experienced computer user in general, and she has NO UNIX experience whatsoever.
> Needless to say, I'm not really crazy about the idea of giving her root access,
> lest some simple mistake hose the system completely.
> 
> What would be the best way to enable her to run the shutdown command, without
> creating a giant security hole which might bite me in the @*% should this
> machine ever become a gateway?  My thoughts up to this point:
> 
> 1)  Creating a group consisting of my wife and myself, and doing a setuid and
> chmod 710 on the shutdown command itself, and changing group ownership to the
> group with me and her in it.
> 
> 2)  Creating a group consisting of my wife and myself, and writing a script
> which executes the shutdown command, then setting the ownership for the script
> to root, group ownership on the script to our group, and doing a setuid on just
> the script.

I prefer #1 because setuid scripts are always a poor idea.  If the script is
in suidperl (or is it perlsuid?), I'd object less (and in a pinch I might even
do #2 for quickness, given proper signal handling at the top of the script).
In short, I guess I'm saying Do it the way you know best; just make sure you
handle all interrupts at the top of your code and THINK about what you're
doing and the order you do it in.
> 
> It seems to me that the second option is the best as I don't have to monkey
> around with the permissions on the command.  Is the second any more of a
> security concern than the first, or, as I assume, less?  Say my wife's user
> password is ridiculously easy to guess; do these give the same amount of system
> access to the person who cracks into her account?
> 
> Does anyone know of a better way to do this?
> 
> --
> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
> debian-user-request@lists.debian.org .
> Trouble?  e-mail to templin@bucknell.edu .

-- 
-----------------------------------------
Ralph Winslow		      rjw@nac.net
The IQ of the group is that of the member
whose IQ is lowest  divided by the number
of members.
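
The following check is an added example and is not part of the original thread. It audits a file against the layout of option 1 (set-uid, mode 710, access limited to one group) and flags the set-uid script of option 2. The function names and exit codes are assumptions made for this example, and it inspects mode bits only, not ownership.

```shell
#!/bin/sh
# Added example (not from the thread): audit one set-uid file.
# Exit status of audit_setuid (codes chosen for this example):
#   0 = set-uid, not a script, no access for "other", not group-writable
#   1 = set-uid script (option 2 in the question)
#   2 = set-uid but permissions looser than chmod 710
#   3 = not a regular file, or set-uid bit not set

# has_perm FILE MODE: true if FILE has every bit in MODE set.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

audit_setuid() {
    f=$1
    [ -f "$f" ] && [ -u "$f" ] || return 3

    # A set-uid file that starts with "#!" is run through an interpreter.
    if [ "$(head -c 2 "$f" 2>/dev/null)" = '#!' ]; then
        return 1
    fi

    # chmod 710: nothing for "other", and only the owner may write.
    if has_perm "$f" 0001 || has_perm "$f" 0002 ||
       has_perm "$f" 0004 || has_perm "$f" 0020; then
        return 2
    fi
    return 0
}

# Stand-alone use: audit each path given on the command line.
for f in "$@"; do
    rc=0
    audit_setuid "$f" || rc=$?
    echo "$f: $rc"
done
```
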

