Date: Mon, 10 Dec 2001 18:01:20 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: "Ronan Lucio" <ronan@melim.com.br> Cc: security@freebsd.org Subject: Re: Accessing as root Message-ID: <60355.1008000080@axl.seasidesoftware.co.za> In-Reply-To: Your message of "Mon, 10 Dec 2001 12:02:40 -0200." <035301c18183$54d13460$2aa8a8c0@melim.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Dec 2001 12:02:40 -0200, "Ronan Lucio" wrote: > I need to make some scripts to change the password and another > things like that need root permissions, but: > > How can I do it without opening a security hole in the server? > What is the best way to do it? 1) Limit exposure to just those commands that need privelege, by passing your command as arguments to the su(1) command. 2) Be _very_ careful about the input you accept and then pass on to these priveleged commands. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60355.1008000080>