[EMAIL PROTECTED] wrote: > > I am running a Debian system right now as a web development staging server. > At > present, it is only on a local network, but could conceivably become a gateway > to the Internet as well. So for the time being, it is basically a two-user > system (me and my wife). > > I am teaching my wife to do web development, and would like her to be able to > use the Linux system. This includes having her be able to shut the system > down > when she's done using it (we can't afford to leave this old 486 system running > without a pretty heavy subsidy from the electric co!). My wife is not a real > experienced computer user in general, and she has NO UNIX experience > whatsoever. > Needless to say, I'm not really crazy about the idea of giving her root > access, > lest some simple mistake hose the system completely. > > What would be the best way to enable her to run the shutdown command, without > creating a giant security hole which might bite me in the @*% should this > machine ever become a gateway? My thoughts up to this point: > > 1) Creating a group consisting of my wife and myself, and doing a setuid and > chmod 710 on the shutdown command itself, and changing group ownership to the > group with me and her in it. > > 2) Creating a group consisting of my wife and myself, and writing a script > which executes the shutdown command, then setting the ownership for the script > to root, group ownership on the script to our group, and doing a setuid on > just > the script.
I prefer #1 because setuid scripts are always a poor idea. If the script is in suidperl (or is it perlsuid?), I'd object less (and in a pinch I might even do #2 for quickness, given proper signal handling at the top of the script). In short, I guess I'm saying Do it the way you know best; just make sure you handle all interupts at the top of your code and THINK about what you're doing and the order you do it in. > > It seems to me that the second option is the best as I don't have to monkey > around with the permissions on the command. Is the second any more of a > security concern than the first, or, as I assume, less? Say my wife's user > password is ridiculously easy to guess; do these give the same amount of > system > access to the person who cracks into her account? > > Does anyone know of a better way to do this? > > -- > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to > [EMAIL PROTECTED] . > Trouble? e-mail to [EMAIL PROTECTED] . -- ----------------------------------------- Ralph Winslow [EMAIL PROTECTED] The IQ of the group is that of the member whose IQ is lowest divided by the number of members. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .