2009/8/27 Henrik Hodne <dvyjones(a)cluenet.org>rg>:
On 27. aug. 2009, at 10.14, Leszek Krupinski
<leafnode(a)gmail.com> wrote:
On Thu, Aug 27, 2009 at 10:06 AM, Henrik
Hodne<dvyjones(a)cluenet.org
wrote:
Out of
interest, how would these limited rights be implemented?
I would guess that the easiest way would be some kind of daemon
running as root.
Daemon? Why not just sudo?
Doh! I keep forgetting you can limit privileges with sudo.
Henrik
_______________________________________________
Toolserver-l mailing list (Toolserver-l(a)lists.wikimedia.org)
https://lists.wikimedia.org/mailman/listinfo/toolserver-l
Posting guidelines for this list:
https://wiki.toolserver.org/view/Mailing_list_etiquette
Bear in mind that most programs can be exploited as root, to gain full
root. Might I remind you of what happened with mount (for those of you
who don't know, a bunch of people from the not-for-profit organisation
me and Henrik volunteer for, abused access to mount, to take a whole
server, by making their own filesystems with setuid binaries inside,
and mounting them)
Fahad