On Wed, 2006-06-07 at 19:52 -0400, Mike McLean wrote: > [EMAIL PROTECTED] wrote: > > -- Should we allow untrusted users access to the 'mock' group? > > This has been a concern of mine as well. However, I think the solution > is not to harden mockhelper, but to change the role of mockhelper. > > At the moment, mock runs as a mortal user and uses mockhelper to execute > a limited number of shell commands as root. What I'd like to do is have > mock-helper (possibly renamed) run mock.py (and only mock.py) as root, > letting mock.py take actions directly without having to filter back > through mockhelper.
Ok, so this is the coolest proposed solution I have seen to this problem. I like it a lot. -- Michael -- Fedora-buildsys-list mailing list Fedora-buildsys-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
