[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updating files in /etc Remotely (and automated)

On Sun Sep 12, 2010 at 16:24:59 -0400, Rob Owens wrote:

> If you run "sudo somescript", then the script runs as root, so every
> command inside it will run as root.
> I think it is generally considered smarter, security-wise, to
> run "somescript" and then include "sudo"  inside the script as
> necessary.

  I believe that makes sense in an objective way, but I've never
 seen that defined as a "best practise", and your example fails
 in a way that suggests you've not done it that way yourself.


> sudo ls /root/*

  Fails.  Why?  Because _your_ shell does the expansion, before
 passing to sudo.

  For example compare these two command and outputs:

skx@birthday:~$ sudo ls /root/*
skx@birthday:~$
skx@birthday:~$ sudo ls /root/
Desktop
skx@birthday:~$

Steve
--
Let me steal your soul?
http://stolen-souls.com
Reply to: