[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SU for group admin
HI.
On Wed, 2 Jul 1997, Constantin Eizner wrote:
> Date: Wed, 02 Jul 1997 07:48:42 +0300
> From: Constantin Eizner <eizner@research.haifa.ac.il>
> To: linux-il@linux.org.il
> Subject: Re: SU for group admin
>
> Alexander Indenbaum wrote:
> >
> > On Mon, 30 Jun 1997, Eizner Constantin wrote:
> >
> > > Hi all.
> > > How can I get to some user options to change the users pasword only for
> > > his group. SUDO doesn't help.
> > > Any Idea?
> > >
> > > Any information wouldbe appreciated.
> >
> > There is very unsafe and simple solution:
> > Write suid script which will do it.
>
>
> Ok. I founded another not conventional way to do it.
> I wrote CGI for Web that's check password for SU group , get him in
------------------------------------------------
it's dangerous.
> and ask for username and new password. After lot of checking i put
> all information for a text file with only root permissions.
> I run in crontab every 30 minutes another script that check if
what's the source of your script???
I think that in this time interval an user could take the root shell and
cause some problems on your site .
do you not think that is dangerous???
I know that use CGI are very dangerous for the security of the system.
by.
Meir faraj.
> group SU do not try to change password for user who not same GID
> or even ROOT.
>
> Any comments.
>
____________________________________________________
Meir
Faraj
E_mail:faraj@avoda.jct.ac.il
faraj@beitza.jct.ac.il
faraj@zara26.jct.ac.il
faraj@shekel.jct.ac.il
web:http://shekel.jct.ac.il:80/~faraj
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tel:972-2-6489089 / 02-6489089
972-50-982625 / 050-982625
address:21 avaad aleumi jerusalem
_______ _________ ____________
|___ _| / _________| \____ ______\
| | | | | |
| | | | | |
______/ / _ | |_________ _ | | _
|_______/ |_| \__________| |_| |_| |_|
____________________________________________________
References: