On 2011-12-20 11:00 AM, Florian Philipp li...@binarywings.net wrote:
You should probably also restrict which files can be edited (not
/etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this
with globs. For example:
%sudoroot sudoedit/var/www/*
Ok, just found out that
On 22 December 2011 15:41, Tanstaafl tansta...@libertytrek.org wrote:
On 2011-12-20 11:00 AM, Florian Philipp li...@binarywings.net wrote:
You should probably also restrict which files can be edited (not
/etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this
with globs. For
Am 21.12.2011 06:55, schrieb Walter Dnes:
On Tue, Dec 20, 2011 at 11:51:11AM -0500, Tanstaafl wrote
On 2011-12-20 10:13 AM, Michael Mol mike...@gmail.com wrote:
So, incidentally, would 'sudo passwd root'...
Ouch... any way to avoid that?
I guess the best way would be to simply give them
Hi all,
I'm guessing this is a sudo question, but I'm unfamiliar with the
nuances of sudo (never had to use it before).
I have a new hosted VM server that I want to allow a user to be able to
edit files owned by root, but without giving them the root password.
I already did:
On Tue, Dec 20, 2011 at 10:04 AM, Tanstaafl tansta...@libertytrek.org wrote:
Hi all,
I'm guessing this is a sudo question, but I'm unfamiliar with the nuances of
sudo (never had to use it before).
I have a new hosted VM server that I want to allow a user to be able to edit
files owned by
Am 20.12.2011 16:13, schrieb Michael Mol:
On Tue, Dec 20, 2011 at 10:04 AM, Tanstaafl tansta...@libertytrek.org wrote:
Hi all,
I'm guessing this is a sudo question, but I'm unfamiliar with the nuances of
sudo (never had to use it before).
I have a new hosted VM server that I want to allow a
On 2011-12-20 10:13 AM, Michael Mol mike...@gmail.com wrote:
So, incidentally, would 'sudo passwd root'...
Ouch... any way to avoid that?
I guess the best way would be to simply give them access to the commands
they need...
I'll look into that...
Thanks...
On 2011-12-20 11:00 AM, Florian Philipp li...@binarywings.net wrote:
You should probably also restrict which files can be edited (not
/etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this
with globs. For example:
%sudoroot sudoedit/var/www/*
Great, that helps... but...
On Tue, Dec 20, 2011 at 11:51 AM, Tanstaafl tansta...@libertytrek.org wrote:
On 2011-12-20 10:13 AM, Michael Mol mike...@gmail.com wrote:
So, incidentally, would 'sudo passwd root'...
Ouch... any way to avoid that?
I guess the best way would be to simply give them access to the commands
Am 20.12.2011 18:03, schrieb Tanstaafl:
On 2011-12-20 11:00 AM, Florian Philipp li...@binarywings.net wrote:
You should probably also restrict which files can be edited (not
/etc/passwd, /etc/shadow or /etc/sudoers, for sure!). You can do this
with globs. For example:
%sudoroot
On 2011-12-20 12:20 PM, Florian Philipp li...@binarywings.net wrote:
Well, as I've said, using a/normal/ editor doesn't solve the problem
because you can use nano for opening a shell, thereby escalating your
privileges. You have to use rnano (or nano -R). This solution is not
really meant for
On Tue, Dec 20, 2011 at 11:51:11AM -0500, Tanstaafl wrote
On 2011-12-20 10:13 AM, Michael Mol mike...@gmail.com wrote:
So, incidentally, would 'sudo passwd root'...
Ouch... any way to avoid that?
I guess the best way would be to simply give them access to the commands
they need...
12 matches
Mail list logo
