[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: adduser not by root
Since adding a user basicly means writing to
/etc/passwd (or /etc/shadow, or whatever) on
most single-server environments, you can't.
You can obviously make adduser suid, but that
would be fatally stupid since then anyone will
be able to create a root accout (I wouldn't
go for sudo either, it amounts to the same
thing unless you write your own frontend
which does tons of sanity/taint checks on the input).
So what you actually need is some sort of access-management
system. Linux-conf allows you to delegate the right
to add users to users w-o giving them root access,
and there are quite a lot of other systems out there
that do the same (Webmin is another).
Choose carefully, it's very easy to
create security holes that you can fly a 747 through.
Ben-Nes Michael wrote:
>
> Hi All
>
> How can i tell the system to allow other users to be able to adduser ?
>
> --
> --------------------------
> Canaan Surfing Ltd.
> Internet Service Providers
> Ben-Nes Michael - Manager
> Tel: 972-6-6925757
> Fax: 972-6-6925858
> http://www.canaan.co.il
> --------------------------
>
> =================================================================
> To unsubscribe, send mail to linux-il-request@linux.org.il with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail linux-il-request@linux.org.il
--
-------------------------------------------------------------------------
| Omer Efraim | Earth First! |
| omere@tcmail.tau.ac.il | We can Strip Mine the other planets later... |
-------------------------------------------------------------------------
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il