Re: Security question - running a root command not being root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: fedora-list@xxxxxxxxxx
Subject: Re: Security question - running a root command not being root
From: Donald Arseneau <asnd@xxxxxxxxx>
Date: 23 May 2006 04:59:03 -0700
Organization: TRIUMF: Canada's national meson facility
References: <009101c67a90$9a989cd0$6500a8c0@portahopi> <446F1AB6.8020600@xxxxxxxxxxxx> <ee50230d0605200638g5b2ece75s715a9a1cb14f5975@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3

"Vivek J. Patankar" <list307@xxxxxxxxx> writes:

> > Is there a way i can do this? without violating the "normal" security
> > rules? I mean no changing permissions to the command *tcpdump*.
> 
> sudo

sudo is the best answer, since you can give them permission to
run any particular command(s).

But for nostalgia's sake, you could create a group "dumpers", 
put those users in the group, change ownership of tcpdump to 
root.dumpers, and chmod it +s.

-- 
Donald Arseneau                          asnd@xxxxxxxxx

Follow-Ups:
- Re: Security question - running a root command not being root
  - From: Guillermo Garron

References:
- setuid question
  - From: Steven J Lamb
- Security question - running a root command not being root
  - From: Guillermo Garron
- Re: Security question - running a root command not being root
  - From: Vivek J. Patankar

Prev by Date: Re: which is batter ext3, reiserfs or XFS
Next by Date: Re: fstab-synch
Previous by thread: Re: Security question - running a root command not being root
Next by thread: Re: Security question - running a root command not being root
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]