On 7/10/06, David Boyes <[EMAIL PROTECTED]> wrote:

Use sudo and permit them to run the init script in /etc/init.d. Install the
sudo package and 'man sudo'.

Be aware that sudo is only as secure as the command you let them
invoke. When the customer also has write access to some of the
configuration files (which you're probably forced to do, otherwise the
need to restart is hard to justify) then they can make the script do
anything they like.
While I have not looked at the apache boot script, with most of them
it does not work because the script was supposed to run as root and
expects the typical root environment (e.g. for the PATH). If you end
up allowing them to do somehting like    sudo sh -c
'/etc/init.d/apache start'

The good thing about sudo is that it provides auditing. In some
environments it works to let people invoke any command through sudo
but request a justification afterwards if it's beyond the agreed
commands.

Another option might be to provide the customer an easy interface to
request actions like restarting a service. This way you avoid the open
interfaces that allow for all kind of tampering. You could host that
interface on VM (and use SCIF) or another web server on the Linux
server.

Rob
--
Rob van der Heij
Velocity Software, Inc
http://velocitysoftware.com/

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390

Reply via email to