On Mon, 2015-08-17 at 06:48 +0100, Edward Bartolo wrote: > The backends can be integrated into one single executable not to > clutter the sudoers file and to increase system efficiency.
One suggestion here. Forget sudo and just make the backend suid root like other system utilities of this type. Just make darned sure there is no way to feed it command line input that could allow a root exploit of course. It can check whatever permissions like ownership of the local console/display, membership in wheel, etc. are desired to restrict usage to only some users itself. Maintaining rules in sudoers is less packagable even now that there is a /etc/sudoers.d directory to dump fragments into.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
