On Thu, Oct 17, 2002 at 05:37:18PM +0200, Raffaele Sandrini wrote:
> On Thursday 17 October 2002 15:11, Andrew Perrin wrote:
> > It's a bad idea :)
> >
> > No, really - what do you need to do that can't be done by sudo, cron, or
> > at? These are well-tested tools and will probably make you happier than
> > your plan.
[snip]
> > Let me reiterate, though: it's a BAD IDEA. How will you make sure nobody
> > has access to running root scripts through your daemon?
>
> hehe, I thought your answer may result like that :-))
>
> I need it for a small KDE application which needs to execute some privileged
> processes (like mount) WITHOUT password prompting to the user. The KDE app
> itself can't run as root (cause that needs an extra environment and I don't
> want that) and setuid root is not a good idea cause of the kdelibs (and also
> here a root env would be necessary).

IMHO a better way would be:

- Create a script in /usr/local/bin that does whatever you need it to.
  Make sure it works when root executes it - doesn't have to work for
  mere mortals.

- Add a line to /etc/sudoers that allows user X to execute that script
  as root *without* having to supply a password:

      <usernameX> <hostname> = NOPASSWD: /usr/local/bin/yourscript

Make sure that there aren't any "holes" in your script:

- Avoid command line parameters if possible
- Early in the script set the PATH and IFS variables to known values
- Don't use e.g. "#!/usr/bin/env interpreter", but go straight to
  "#!/usr/bin/interpreter"

And educate user X about the dangers and enforce any rules you lay down:
cracking user X's account will now allow the black hats to execute
/usr/local/bin/yourscript as root...

As far as I can see, this would satisfy your needs - but be sure that you
understand the security implications.

HTH
-- 
Karl E. Jørgensen
karl@jorgensen.com
www.karl.jorgensen.com
==== Today's fortune:
Linux: the choice of a GNU generation
-- ksh@cis.ufl.edu put this on Tshirts in '93
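Added example, not part of the original post: one way the /usr/local/bin/yourscript wrapper described in the reply above could look, applying its checklist (no command-line parameters, PATH and IFS set early, absolute interpreter path). The mount binary path, device, mount point and the extra write-permission check are assumptions added here, not taken from the thread.

```sh
#!/bin/sh
# Added example of /usr/local/bin/yourscript, run through the sudoers line
#   <usernameX> <hostname> = NOPASSWD: /usr/local/bin/yourscript
# Absolute interpreter above, not "#!/usr/bin/env sh".
# Assumed values (not from the thread): mount binary path, device, mount point.
SELF=/usr/local/bin/yourscript
MOUNT_BIN=/bin/mount
DEVICE=/dev/cdrom
MOUNTPOINT=/mnt/cdrom

# Set PATH and IFS to known values before running anything else.
sanitize_env() {
    PATH=/usr/sbin:/usr/bin:/sbin:/bin
    export PATH
    IFS=$(printf ' \t\n_'); IFS=${IFS%_}   # space, tab, newline
    unset ENV BASH_ENV CDPATH              # no caller-supplied startup files
    umask 022
}

# The task is fixed in this file, so any command-line parameter is refused.
reject_args() {
    if [ "$#" -ne 0 ]; then
        echo "yourscript: takes no arguments" >&2
        return 1
    fi
    return 0
}

# Not in the thread's checklist, but implied by it: if group or others can
# write the file, the NOPASSWD entry runs whatever they put in it as root.
not_writable_by_others() {
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

main() {
    sanitize_env
    reject_args "$@" || exit 2
    if ! not_writable_by_others "$SELF"; then
        echo "yourscript: $SELF is group- or world-writable" >&2
        exit 3
    fi
    # Fixed command, absolute path, quoted fixed operands.
    exec "$MOUNT_BIN" "$DEVICE" "$MOUNTPOINT"
}

# Run only under the installed name, so the functions can be sourced for testing.
case "$0" in
    "$SELF") main "$@" ;;
esac
```

Install it owned by root with mode 0755 so that user X can execute it but not edit it.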