Re: Secure remote shell

2007-11-30 Thread Eric Crist
On Nov 29, 2007, at 1:37 AM, Steve Bertrand wrote: [snip] A legitimate question: If I add user 'www' to 'sudoers' with the ability to run adduser, does that not give user 'www' to put the added user in a group, perhaps wheel? If said commands are passed via 'user' to web browser to web ser

Re: Secure remote shell

2007-11-29 Thread Kevin Downey
On Nov 28, 2007 11:37 PM, Steve Bertrand <[EMAIL PROTECTED]> wrote: > >> Although sudo and SSH are part of the solution, providing a web server > >> with full rights on a remote server if they can gain keyless entry is a > >> large mistake. > > > > Steve, > >at no point does the original email

Re: Secure remote shell

2007-11-29 Thread Wojciech Puchar
root, that could be automated in a script (no password required). - have information input into browser - have web server save information to server disk in non-executable format - have script (or admin) authenticate/authorize commands to be performed (recommend doing this manually for a while t

Re: Secure remote shell

2007-11-29 Thread Olivier Nicole
> ssh using key authentication and sudo configured to allow a certain > user to run the needed commands and only the needed commands as root. > rsh? Are you living in a cave? :) Thanks for the replies. The original script was written at the cave era, only I am trying to improve it today. Would t

Re: Secure remote shell

2007-11-28 Thread Steve Bertrand
>> Although sudo and SSH are part of the solution, providing a web server >> with full rights on a remote server if they can gain keyless entry is a >> large mistake. > > Steve, >at no point does the original email say "we need to execute user > input". sudo does not equate to providing full

Re: Secure remote shell

2007-11-28 Thread Peter Boosten
On Thu, November 29, 2007 06:23, Steve Bertrand wrote: >> What other solution would you suggest to execute a shell remotely as >> root, that could be automated in a script (no password required). > > - have information input into browser > - have web server save information to server disk in non-ex

Re: Secure remote shell

2007-11-28 Thread Kevin Downey
On Nov 28, 2007 9:40 PM, Steve Bertrand <[EMAIL PROTECTED]> wrote: > > ssh using key authentication and sudo configured to allow a certain > > user to run the needed commands and only the needed commands as root. > > http://www.gratisoft.us/sudo/ > > http://sial.org/howto/openssh/publickey-auth/ >

Re: Secure remote shell

2007-11-28 Thread Steve Bertrand
> ssh using key authentication and sudo configured to allow a certain > user to run the needed commands and only the needed commands as root. > http://www.gratisoft.us/sudo/ > http://sial.org/howto/openssh/publickey-auth/ Yes but in the OP's context, providing this would mean that ANY command supp

Re: Secure remote shell

2007-11-28 Thread Steve Bertrand
> What other solution would you suggest to execute a shell remotely as > root, that could be automated in a script (no password required). - have information input into browser - have web server save information to server disk in non-executable format - have script (or admin) authenticate/authoriz

Re: Secure remote shell

2007-11-28 Thread Girish Venkatachalam
On 11:28:24 Nov 29, Olivier Nicole wrote: > Hi, > > Part of (un)registering users on my system consists in connecting to > various servers to add the user account to some services: > > Registering users is done via a web page, and the web server will > remotely execute a script on the mail server

Re: Secure remote shell

2007-11-28 Thread Kevin Downey
On Nov 28, 2007 8:28 PM, Olivier Nicole <[EMAIL PROTECTED]> wrote: > Hi, > > Part of (un)registering users on my system consists in connecting to > various servers to add the user account to some services: > > Registering users is done via a web page, and the web server will > remotely execute a scr

Secure remote shell

2007-11-28 Thread Olivier Nicole
Hi, Part of (un)registering users on my system consists in connecting to various servers to add the user account to some services: Registering users is done via a web page, and the web server will remotely execute a script on the mail server to add the users in the aliases and run newaliases, remo