On Friday 01 April 2011 08:21 AM, Binand Sethumadhavan wrote:
> 2011/3/31 Rony<[email protected]>:
>> I had to put
>> everything in a root owned container and the sudoer's file was edited to
>> allow the user only this particular command as root. Thus all data was
>> root owned and inaccessible to the user.
> This is almost always a bad idea. There are any number of possible
> attacks - path based, file redirection based etc. that are possible
> with this. For example, how does the "stramer" program work - does it
> overwrite the file specified by -o? In that case, what will happen if
> I do this first:
>
> ln -s /etc/passwd ./binand.jpeg
>
> and run your script?
>
How would you create a script for a user that creates and updates files
but does not allow the user to edit them later? Any idea is welcome.

-- 
As a proper list etiquette.....
Please trim your replies.
Avoid cross posting to other lists.
Post your replies below the relevant original text, leaving a line space.
Do not re-use old messages to write new ones. For new messages, create a new message.

Regards,

Rony.

-- 
http://mm.glug-bom.org/mailman/listinfo/linuxers
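
One way to write the privileged half of such a script so that the symlink trick in the quoted reply has no effect, as an added example that is not part of the original thread. The names `store_capture` and `SAFE_NAME`, the `.jpeg` naming rule and the 0644 mode are assumptions; the helper is meant to be the only command the sudoers rule allows, and it accepts a bare file name rather than a user-chosen path.

```python
import os
import re

# Assumption: captures are plain names like "binand.jpeg"; no "/" or "..".
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.jpeg")

def store_capture(dest_dir, name, data, mode=0o644):
    """Write data to dest_dir/name without ever following a symlink.

    Meant to run as the privileged user (e.g. via the single sudo rule);
    the caller supplies only a file name, never a path.
    """
    if not SAFE_NAME.fullmatch(name):
        raise ValueError("name must be a plain .jpeg file name")
    # Pin the directory with a descriptor so later steps cannot be redirected.
    dir_fd = os.open(dest_dir, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        st = os.fstat(dir_fd)
        if st.st_uid != os.geteuid() or st.st_mode & 0o022:
            raise PermissionError("directory must be ours and not group/world writable")
        tmp = f".{name}.{os.getpid()}.tmp"
        # O_EXCL | O_NOFOLLOW: fail rather than open a pre-existing file or link.
        fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW,
                     mode, dir_fd=dir_fd)
        try:
            with os.fdopen(fd, "wb") as f:
                f.write(data)
                f.flush()
                os.fsync(f.fileno())
            # rename() replaces the directory entry itself; a symlink sitting
            # at `name` is discarded, not written through.
            os.rename(tmp, name, src_dir_fd=dir_fd, dst_dir_fd=dir_fd)
        except BaseException:
            os.unlink(tmp, dir_fd=dir_fd)
            raise
    finally:
        os.close(dir_fd)
    return os.path.join(dest_dir, name)
```

With the destination directory owned by root and mode 0755, the unprivileged user can read the resulting files but cannot modify, replace or pre-plant entries in it; pass `mode=0o600` if the data should not be readable either.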

