[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 Wayne Davison changed: What|Removed |Added Resolution|--- |FIXED

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 Wayne Davison changed: What|Removed |Added Status|NEW |ASSIGNED --- Comment

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #9 from Paul Donohue --- popt ticket requesting a solution in popt itself: http://rpm5.org/cvs/tktview?tn=98 -- You are receiving this mail because: You are the QA Contact for the bug. -- Please use reply-all

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #8 from Paul Donohue --- I agree with the general philosophy that it isn't rsync's problem to secure the command line. However, I don't see any good way that sudo can secure the rsync command line unless rsync

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #7 from Kevin Korb --- I have been thinking about this a bit and I believe it is a sudo problem and not an rsync problem. It is not rsync's job to secure the command line. Plus rsync is far from the only program

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #6 from Paul Donohue --- This all makes sense, I appreciate the suggestions, and I may actually implement some of this. However, the existence of this rrsync solution doesn't change the fact that there exists

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #5 from Karl O. Pinc --- On Sun, 12 Feb 2017 02:18:35 + samba-b...@samba.org wrote: > https://bugzilla.samba.org/show_bug.cgi?id=12576 > > --- Comment #4 from Paul Donohue --- > That's an

Re: [Bug 12576] popt aliases allow users to bypass sudo argument restrictions

On Sun, 12 Feb 2017 02:18:35 + samba-b...@samba.org wrote: > https://bugzilla.samba.org/show_bug.cgi?id=12576 > > --- Comment #4 from Paul Donohue --- > That's an interesting solution, but it doesn't really work well for > my use case. I would like my users to be

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #4 from Paul Donohue --- That's an interesting solution, but it doesn't really work well for my use case. I would like my users to be able to maintain their own SSH keys (this solution would require me to manage

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #3 from Kevin Korb --- There is no reason to involve rsyncd (or even sudo). See the rrsync script in the support directory. -- You are receiving this mail because: You are the QA Contact for the bug. --

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #2 from Paul Donohue --- Created attachment 12916 --> https://bugzilla.samba.org/attachment.cgi?id=12916=edit Add a new --no-popt-aliases option to explicitly disable popt aliases -- You are receiving this

[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

https://bugzilla.samba.org/show_bug.cgi?id=12576 --- Comment #1 from Paul Donohue --- Created attachment 12915 --> https://bugzilla.samba.org/attachment.cgi?id=12915=edit Do not enable popt aliases if --server or --daemon is specified -- You are receiving this mail