* Re: [gentoo-user] Re: Allow non root users to edit files owned by root?
@ 2011-12-22 18:53 99% ` Tanstaafl
0 siblings, 0 replies; 1+ results
From: Tanstaafl @ 2011-12-22 18:53 UTC (permalink / raw
To: gentoo-user
On 2011-12-22 1:00 PM, Nikos Chantziaras <realnc@arcor.de> wrote:
> On 12/22/2011 05:44 PM, Tanstaafl wrote:
>> On 2011-12-20 12:19 PM, Nikos Chantziaras <realnc@arcor.de> wrote:
>>> If you allow someone to edit root owned files, you're practically giving
>>> him root access.
>>
>> Well, yeah, but only on those defined files...
>
> root access is global. You can't limit it. root is root, the all
> powerful Unix being. Period :-)
Ummm... then what is the purpose of sudo??
If I add the following line to sudoers:
%sudoroot ALL=(root)NOPASSWD:/bin/chmod /var/www/localhost/htdocs/*
Are you saying that this does NOT limit anyone in the sudoroot group to
*only* be able to run the chmod command, and only on files located in
/var/www/localhost/htdocs?
> Then you put the files in a special group and make them g+w, and add the
> affected users to that group. Then they will able to write to those
> files. If you want to give them write access to a whole directory, you
> put the directory in the group and make it g+w. This is how it's
> traditionally been done in Unix for ages, and it's extremely easy to set
> up.
Yeah, I think I got a little tunnel vision trying to do this with sudo.
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2011-12-20 15:04 [gentoo-user] Allow non root users to edit files owned by root? Tanstaafl
2011-12-20 17:19 ` [gentoo-user] " Nikos Chantziaras
2011-12-22 15:44 ` Tanstaafl
2011-12-22 18:00 ` Nikos Chantziaras
2011-12-22 18:53 99% ` Tanstaafl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox