From owner-freebsd-questions  Wed Aug 26 16:11:11 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA12938
          for freebsd-questions-outgoing; Wed, 26 Aug 1998 16:11:11 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id QAA12888
          for <freebsd-questions@FreeBSD.ORG>; Wed, 26 Aug 1998 16:10:56 -0700 (PDT)
          (envelope-from nbm@rucus.ru.ac.za)
Received: (qmail 18129 invoked by uid 1003); 26 Aug 1998 23:10:02 -0000
Message-ID: <19980827011001.A17427@rucus.ru.ac.za>
Date: Thu, 27 Aug 1998 01:10:01 +0200
From: Neil Blakey-Milner <nbm@rucus.ru.ac.za>
To: Roman Katsnelson <romank@graphnet.com>,
        "q's" <freebsd-questions@FreeBSD.ORG>
Subject: Re: Root privileges without root
References: <35E47654.E2BE73F5@graphnet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <35E47654.E2BE73F5@graphnet.com>; from Roman Katsnelson on Wed, Aug 26, 1998 at 04:55:48PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed 1998-08-26 (16:55), Roman Katsnelson wrote:
> Apache is root, which I don't really want to do. Is there any 
> way for me to give my script root privileges just for the time
> that it does pw? Or is there _any_ other way around this? 

Make a suid binary that does whatever you want for that time, and make
sure only the web server, and not any of your users, can execute it?

Neil
-- 
Neil Blakey-Milner
nbm@rucus.ru.ac.za

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message