Date: Sat, 28 Apr 2012 11:47:07 +0200 From: "Patrick M. Hausen" <hausen@punkt.de> To: Eugene Grosbein <egrosbein@rdtc.ru> Cc: Zenny <garbytrash@gmail.com>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: Restricting users from certain privileges Message-ID: <0F37A1B9-993B-4A4E-9FCC-8B19AADCFB72@punkt.de> In-Reply-To: <4F9BBABA.6040708@rdtc.ru> References: <CACuV5sCyCgn8aBawTEP=BT%2B%2B4Ut4kPt8fXSq%2BgcS2YrkZaU%2BJw@mail.gmail.com> <E1SO2ER-000K66-8k@kabab.cs.huji.ac.il> <CACuV5sCHmnUnXTTY%2BkGqszi-Ynu8Vr3bf%2BLALf=yQbhHPXSdXA@mail.gmail.com> <4F9BBABA.6040708@rdtc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, all, Am 28.04.2012 um 11:39 schrieb Eugene Grosbein: > 28.04.2012 14:50, Zenny =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >=20 >>> try sudo from ports, security/sudo >>>=20 >>> cheers, >>> danny >>>=20 >>>=20 >> Thanks Daniel, but sudo gives all (not selective) root privileges to = the >> user (admin in my case). So this is not what I am trying to achieve = in my >> original post. >=20 > Please do study sudo real power :-) > It can give selective privileges per-command, > an d it can also allow one to run some command with some arguments = only > and not with others. Or, without any arguments only - as you tune > its sudoers configuration file. Just make sure none of the permitted commands has got the feature of starting a shell ;-)) Kind regards, Patrick --=20 punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 info@punkt.de http://www.punkt.de Gf: J=C3=BCrgen Egeling AG Mannheim 108285
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0F37A1B9-993B-4A4E-9FCC-8B19AADCFB72>