Date: Sat, 28 Apr 2012 09:50:30 +0200 From: Zenny <garbytrash@gmail.com> To: Daniel Braniss <danny@cs.huji.ac.il> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: Restricting users from certain privileges Message-ID: <CACuV5sCHmnUnXTTY%2BkGqszi-Ynu8Vr3bf%2BLALf=yQbhHPXSdXA@mail.gmail.com> In-Reply-To: <E1SO2ER-000K66-8k@kabab.cs.huji.ac.il> References: <CACuV5sCyCgn8aBawTEP=BT%2B%2B4Ut4kPt8fXSq%2BgcS2YrkZaU%2BJw@mail.gmail.com> <E1SO2ER-000K66-8k@kabab.cs.huji.ac.il>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 28, 2012 at 9:38 AM, Daniel Braniss <danny@cs.huji.ac.il> wrote: > > Hi: > > > > I could not figure out how to restrict users or other users from certain > > privileges to execute certain commands in FreeBSD/NanoBSD? > > > > What I meant is I want to create a NanoBSD image in which there will be > an > > additional user, say 'admin'. I need to give this new user (admin) some > > privileges to run some root-can-only-execute commands, but not all (ACL > > similar to the firmwares in adsl modems from ISPs). > > > > I read Dru Lavingne's 'BSD Hacks' and Joseph Kong's 'Designing BSD > > Rootkits' besides FreeBSD handbook, but I simply could not figure out. > > Could anyone throw some light on this? Appreciate it! > > > > Thanks! > > > > /zenny > > try sudo from ports, security/sudo > > cheers, > danny > > Thanks Daniel, but sudo gives all (not selective) root privileges to the user (admin in my case). So this is not what I am trying to achieve in my original post. /z
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACuV5sCHmnUnXTTY%2BkGqszi-Ynu8Vr3bf%2BLALf=yQbhHPXSdXA>