Search This Blog

2015-10-20

using setuid bit properly

http://unix.stackexchange.com/questions/166817/using-the-setuid-bit-properly

... or simpler...

@ http://serverfault.com/questions/397969/how-can-i-use-setuid-on-a-shell-script-to-run-as-a-non-root-user

You can configure sudo to allow people to run a command as a specific no root user too e.g. in sudoers:

user1   (ALL) = (appuser) /path/to/yourapp

would allow the user user1 to run your app as appuser with:

sudo -u appuser /path/to/yourapp


Similarly:

%somegroup    (ALL) = (appuser) /path/to/yourapp

in sudoers would allow the users in the group somegroup to run you app as appuser with:

sudo -u appuser /path/to/yourapp

http://askubuntu.com/questions/39281/how-to-run-an-application-using-sudo-without-a-password

YOURNAME ALL = NOPASSWD: /path/to/yourapp