2011/10/25 Daniel Hilst Selli <danielhi...@gmail.com>: > On 10/25/11 15:42, immerrr again... wrote: >> >> (whoops, first message went out as a direct reply) >> >> On 10/25/2011 09:22 PM, Daniel Martí wrote: >>> >>> Wouldn't that be dangerous, to set sudo without any password prompt? >>> >> The point is to enable that only for certain commands (or absolute >> paths, sudoers allows that, see the manual). >> >> Well, ofc, you need to make sure only read-execute permissions are set >> on the script. And after that, I think, it's equivalent to the earlier >> solution, i.e. it's rather safe unless someone has root permissions to >> chmod/change/overwrite the script. Binary files induce some more >> security by obscurity (you need to read & understand disassembly to >> understand what's happening), but one still can "cat" the necessary >> contents into setuid-enabled file if root account is compromised. >> >> -- >> Cheers, >> immerrr >> > The question is not execute the file but read it as root. Is there a >
Sorry, miss send(ctrl+enter).. I mixed the solutions.. create a binary, put it on /usr/bin/local and put NOPASSWD on sudoers for it Thanks for help -- "Do or do not. There is no try" Yoda Master -- To unsubscribe, send mail to awesome-unsubscr...@naquadah.org.
