If you like to transparently run a privileged rootl-less
program, you currently need to use a profile enabled shell (e.g. pfsh, pfksh,
pfcsh). Otherwies you would need to call:
/usr/bin/pfexec command args
pfexec.c is nearly 600 lines of code.
How about adding aprox. 50 lines from isaexec to pfexec to allow doing the
following:
link /usr/bin/pfexec to /usr/bin/cdrecord
copy cdrecord to /usr/bin/i86/cdrecord
then call /usr/bin/cdrecord and get a cdrecord with a few added privs listed
in /etc/security/exec_attr
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
_______________________________________________
opensolaris-code mailing list
[email protected]
https://opensolaris.org:444/mailman/listinfo/opensolaris-code
