On 6 Jun 2000, Preston F. Crow Adv94 wrote:
> In my case, we were switching from Solaris to Linux, and Solaris allowed
> suid scripts. We used a bunch of them, so all that had to be fixed before
> the Linux version could run. With suid scripts, it would have run
> immediately, and we could have fixed the security later.
If your Solaris script was foo, then rename it to foo.sh, add an entry in
/etc/super.tab(5) to allow $USER to run foo.sh as root (or whatever else),
and make a symlink from foo to /usr/bin/super; might be as quick as
echo "foo /path/to/foo.sh joebill,toto" >> /etc/super.tab
Besides, you can do finer tricks with super.tab than with plain
permissions + suid bit (sudo might fit the bill, too).
Really no need to mess with kernel space (unless, of course, the target
machine can't afford the "super" overhead. But if it was initially thought
for Solaris... I don't think this will be a problem).
-- Cyrille
------------------------------------------------------------------------------
Grumpf.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:25 EST