From owner-freebsd-security Sun Aug 8 17:37:19 1999 Delivered-To: freebsd-security@freebsd.org Received: from smtp3.erols.com (smtp3.erols.com [207.172.3.236]) by hub.freebsd.org (Postfix) with ESMTP id A45FB14BFC for ; Sun, 8 Aug 1999 17:37:06 -0700 (PDT) (envelope-from jobaldwi@vt.edu) Received: from john.baldwin.cx (207-172-143-111.s48.as1.hgt.md.dialup.rcn.com [207.172.143.111]) by smtp3.erols.com (8.8.8/8.8.5) with ESMTP id UAA15145; Sun, 8 Aug 1999 20:34:04 -0400 (EDT) Message-Id: <199908090034.UAA15145@smtp3.erols.com> X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <14250.25026.756025.612481@avalon.east> Date: Sun, 08 Aug 1999 20:34:01 -0400 (EDT) From: John Baldwin To: Anthony Kimball Subject: Re: group bits Cc: freebsd-security@FreeBSD.ORG, wes@softweyr.com Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 06-Aug-99 Anthony Kimball wrote: > Quoth Wes Peters on Thu, 5 August: >: >: sudo? > > Sudo is a wonderful tool, but it far too big a hammer for such a small > nail for one thing (allows root access to everyone permitted to > perform a limited task), doesn't retrofit integrated environments with *Bzzzt* wrong! Sudo lets you specify which user a user can run a command as. You could create a sudo user pppuser, for instance, and have the people in the pppgroup group be able to run commands as pppuser. Then they are not running commands as root. Read the man page next time. --- John Baldwin -- http://members.freedomnet.com/~jbaldwin/ PGP Key: http://members.freedomnet.com/~jbaldwin/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message