@ http://unix.stackexchange.com/questions/166817/using-the-setuid-bit-properly
... or simpler...
@ http://serverfault.com/questions/397969/how-can-i-use-setuid-on-a-shell-script-to-run-as-a-non-root-user
You can configure sudo to allow people to run a command as a specific no root user too e.g. in sudoers:
user1 (ALL) = (appuser) /path/to/yourapp
would allow the user user1 to run your app as appuser with:
sudo -u appuser /path/to/yourapp
Similarly:
%somegroup (ALL) = (appuser) /path/to/yourapp
in sudoers would allow the users in the group somegroup to run you app as appuser with:
sudo -u appuser /path/to/yourapp
@ http://askubuntu.com/questions/39281/how-to-run-an-application-using-sudo-without-a-password
YOURNAME ALL = NOPASSWD: /path/to/yourapp
2015-10-20
2015-10-19
deny / allow hosts
@ http://www.linuxquestions.org/questions/linux-newbie-8/how-to-configure-ssh-to-allow-or-deny-specify-host-ip-address-610246/
/etc/hosts.deny is checked before /etc/hosts.allow, so you can go
* hosts.deny
ALL : ALL
first, we block everything from everyone,
* hosts.allow
ALL : localhost
sshd: 192.168.0.22
proftpd: 192.168.0.22
which means only 192.168.0.22 on your local network
can access ssh or the proftp server on that machine.
/etc/hosts.deny is checked before /etc/hosts.allow, so you can go
* hosts.deny
ALL : ALL
first, we block everything from everyone,
* hosts.allow
ALL : localhost
sshd: 192.168.0.22
proftpd: 192.168.0.22
which means only 192.168.0.22 on your local network
can access ssh or the proftp server on that machine.
Subscribe to:
Posts (Atom)