On Sun, May 27, 2012 at 5:54 AM, Denis Witt <denis.w...@concepts-and-training.de> wrote: > Hi again, > > I came up with this now: > > cat /usr/local/bin/adm.sh
Having access to chown and chmod is not secure: cbell@circe:~$ cp /bin/dash . cbell@circe:~$ sudo ./adm.sh chown root:root ./dash Change ownership root:root ./dash cbell@circe:~$ sudo ./adm.sh chmod 4755 ./dash Change file rights 4755 ./dash cbell@circe:~$ ./dash # whoami root # If you're going to allow chown and chmod, you may as well just give them the root password or full sudo to every command with their own password using /etc/sudoers: %sudo ALL(ALL)=ALL With them in the sudo group. Note, this is the default in Squeeze and you can grant them this access with a single command: # usermod -G sudo -a $username -- Chris -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caoevnysg1u1jrhhjngk0o8d+_ehyqkcjfv4me8bhy_gjc0t...@mail.gmail.com
