ports/100715: [Maintainer Update] port security/super - add MASTER_SITES
Babak Farrokhi
babak at farrokhi.net
Sat Jul 22 12:00:36 UTC 2006
>Number: 100715
>Category: ports
>Synopsis: [Maintainer Update] port security/super - add MASTER_SITES
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sat Jul 22 12:00:34 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Babak Farrokhi
>Release: FreeBSD 6.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD 6.1-STABLE #2: Tue Jul 11 14:37:46 IRST 2006
root at starfish.datak.net:/usr/obj/usr/src/sys/SMP
>Description:
- add MASTER_SITES
- update pkg-descr to make portlint happy
- add WWW and AUTHOR
>How-To-Repeat:
>Fix:
--- super.patch begins here ---
diff -ruN super.orig/Makefile super/Makefile
--- super.orig/Makefile Sat Jul 22 15:16:52 2006
+++ super/Makefile Sat Jul 22 15:21:35 2006
@@ -9,7 +9,8 @@
PORTNAME= super
PORTVERSION= 3.26.1
CATEGORIES= security sysutils
-MASTER_SITES= ftp://ftp.ucolick.org/pub/users/will/
+MASTER_SITES= ftp://ftp.ucolick.org/pub/users/will/ \
+ http://www.ucolick.org/~will/RUE/super/
EXTRACT_SUFX= -tar.gz
MAINTAINER= babak at farrokhi.net
diff -ruN super.orig/pkg-descr super/pkg-descr
--- super.orig/pkg-descr Sat Jul 22 15:16:52 2006
+++ super/pkg-descr Sat Jul 22 15:23:46 2006
@@ -1,4 +1,4 @@
-Super is a setuid-root program that offers
+Super is a setuid-root program that offers:
o restricted setuid-root access to executables, adjustable
on a per-program and per-user basis;
@@ -7,30 +7,8 @@
scripts can be run as root (or some other uid/gid), without
unduly compromising security.
-Sample uses:
- - to call a script that allows users to use mount(8) on
- cdrom's or floppy disks, but not other devices.
+The design philosophy behind super is two-fold:
- - to restrict which users, on which hosts, may execute a
- setuid-root program.
-
- - to allow groups of trusted users (e.g. an "operator" group) complete
- root access to sets of selected commands such as, say, line-printer
- control commands, without giving away access to other commands,
- and with full logging of all commands used.
-
-
-Super and sudo
---------------
-Sudo --
- Sudo allows a permitted user to execute a command as the superuser.
- Its central design philosophy is that each user can be
- trusted when executing certain commands. This is implemented
- by allowing each user to execute the restricted commands for
- which s/he is trusted, without giving access to other restricted commands.
-
-Super --
- The design philosophy behind super is two-fold:
(a) some users can be trusted when executing certain commands;
(b) there are some commands, such as a script to mount CDROM's,
which you'd like to be safely executable even by users who
@@ -39,14 +17,5 @@
can be hard to break, and super provides that wrapper so that
even a non-trusted user can use the scripts.
-In the author's view, the main differences to the administrator are:
-
- (1) the files that specify valid user/command combinations have
- a different look and feel.
-
- (2) super provides a safe wrapper for scripts, so that a
- well-written script can be run safely by ordinary
- users without having to actually trust them.
-
-
--- David (obrien at FreeBSD.org)
+WWW: http://www.ucolick.org/~will/#super
+AUTHOR: Will Deich <will at ucolick.org>
--- super.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list