Richard Fish schreef: > Holly Bostick wrote: > > >>Richard Fish schreef: >> >> >> >>>BTW Holly, >>> >>>You should recognize that from a security standpoint allowing yourself >>>to execute bash is really giving yourself "blanket permissions to sudo >>>to all commands". You might as well make life easier on yourself and >>>just make your sudo settings "ALL=(ALL) NOPASSWD: ALL". >>> >>>My $.02. >>> >>>-Richard >>> >>> >>> >> >>Thank you for the heads-up, Richard, but it would seem that that isn't >>quite true-- I did a test: >> >> >>sudo bash -c /etc/init.d/samba restart >> >> >> > > > Remember that the -c option for bash is a single argument, not the rest > of the line. The 'restart' is being seen as a separate argument to > bash, not as part of the command for bash to execute, if that makes any > sense! It will work if you do: > > sudo bash -c "/etc/init.d/samba restart" > > -Richard >
So it will. Shoot. Oh, well. Maybe I'll rework this, or I should then ask for: 1) firewall recommendations (personal, as the router has one too; atm I'm liking firestarter) 2) anti-hacking monitors (other than chrootkit and rkhunter, if needed-- guess I'm thinking about keyloggers) ? Holly -- gentoo-user@gentoo.org mailing list
