From owner-freebsd-security Mon Dec 10 8: 1:35 2001 Delivered-To: freebsd-security@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 3A70B37B417 for ; Mon, 10 Dec 2001 08:01:30 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16DSte-000FiM-00; Mon, 10 Dec 2001 18:03:14 +0200 From: Sheldon Hearn To: "Ronan Lucio" Cc: security@freebsd.org Subject: Re: Accessing as root In-reply-to: Your message of "Mon, 10 Dec 2001 18:01:20 +0200." <60355.1008000080@axl.seasidesoftware.co.za> Date: Mon, 10 Dec 2001 18:03:14 +0200 Message-ID: <60409.1008000194@axl.seasidesoftware.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 10 Dec 2001 18:01:20 +0200, Sheldon Hearn wrote: > > I need to make some scripts to change the password and another > > things like that need root permissions, but: > > > > How can I do it without opening a security hole in the server? > > What is the best way to do it? > > 1) Limit exposure to just those commands that need privelege, by passing > your command as arguments to the su(1) command. This is stupid advice, sorry. You need to make your script setuid root (see chmod(1)). If the script is big, or does complex input handling, consider breaking out the part that needs privelege into its own smaller script, called by a wrapper that does input sanity checking. Ultimately, you want to limit the privelege to as little work as possible. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message