Date: Sat, 28 Apr 2012 11:47:07 +0200 From: "Patrick M. Hausen" <hausen@punkt.de> To: Eugene Grosbein <egrosbein@rdtc.ru> Cc: Zenny <garbytrash@gmail.com>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: Restricting users from certain privileges Message-ID: <0F37A1B9-993B-4A4E-9FCC-8B19AADCFB72@punkt.de> In-Reply-To: <4F9BBABA.6040708@rdtc.ru> References: <CACuV5sCyCgn8aBawTEP=BT%2B%2B4Ut4kPt8fXSq%2BgcS2YrkZaU%2BJw@mail.gmail.com> <E1SO2ER-000K66-8k@kabab.cs.huji.ac.il> <CACuV5sCHmnUnXTTY%2BkGqszi-Ynu8Vr3bf%2BLALf=yQbhHPXSdXA@mail.gmail.com> <4F9BBABA.6040708@rdtc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, all, Am 28.04.2012 um 11:39 schrieb Eugene Grosbein: > 28.04.2012 14:50, Zenny пишет: > >>> try sudo from ports, security/sudo >>> >>> cheers, >>> danny >>> >>> >> Thanks Daniel, but sudo gives all (not selective) root privileges to the >> user (admin in my case). So this is not what I am trying to achieve in my >> original post. > > Please do study sudo real power :-) > It can give selective privileges per-command, > an d it can also allow one to run some command with some arguments only > and not with others. Or, without any arguments only - as you tune > its sudoers configuration file. Just make sure none of the permitted commands has got the feature of starting a shell ;-)) Kind regards, Patrick -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 info@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0F37A1B9-993B-4A4E-9FCC-8B19AADCFB72>