On Sun, 25 Oct 2009 03:05:27 +0100 Klistvud <quotati...@aliceadsl.fr> wrote:
> Dne, 25. 10. 2009 02:50:36 je Celejar napisal(a): > > > This is what sudo is for - one just configures it to allow anyone to > > run it as root. Another possibility is to make it suid root. I > > suppose, though, that either of these techniques might be security > > risks, if the script is buggy / insufficiently secure and a > > malicious user manages to run it. > > > > Which of the two methods is considered less of a security hazard? Can > either of them be made secure in a relatively simple way? Well, I'm no security guru, but the fundamental problem here applies to both of them: if there's any way that the script can be manipulated to run arbitrary code, or give the user access to a shell, then the game's over ... Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
