Fw: Re: problem with script execution
Ray Still
rastill at shaw.ca
Fri Dec 1 07:47:03 PST 2006
----- Original Message -----
From: "Alex Zbyslaw" <xfb52 at dial.pipex.com>
To: "Ray Still" <rastill at shaw.ca>
Cc: <freebsd-questions at freebsd.org>
Sent: Friday, December 01, 2006 8:28 AM
Subject: Re: Fw: Re: problem with script execution
> Ray Still wrote:
>
>>>> Just out of curiosity: What is the "echo * |" supposed to do? From my
>>>> point of view the shell will expand "*" to the list of files and
>>>> directories in PWD, so "echo *" acts like a simple ls in this context.
>>>> This list is piped to sudo. But what does sudo do with these?
>>>
>>>
>>> sorry, I didn't want to show my passwords, so I replaced it with an
>>> astrix. the password of course is being read from the pipe by sudo
>>> because of the -S option.
>>
> Probably nothing to do with your original problem, but you do know that
> you can allow sudo to execute certain commands without a password?
> Passwords in shell scripts isn't exactly ideal...
I am aware of the security issues, but in this case I think it's the best
option because:
1) any one who can login to the machine also knows root passwords.
2) this script lives in a directory that is password protected by apache.
3) I don't like the thought of turning off passwords.
so if you can see the script, you won't learn anything you don't already
know.
am I totally out to lunch?
>
> E.g. my sudoers has:
>
> Cmnd_Alias HEALTHD = /usr/local/sbin/healthd
> [...]
> %wheel ALL=(root) NOPASSWD: SMART_STATUS, HEALTHD, MBMON
>
> So anyone in group wheel (me :-)) can excecute any of the named commands
> without any password. You can also force the flags that will be passed -
> the sudoers man page has more details.
>
> --Alex
>
>
>
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.430 / Virus Database: 268.15.2/559 - Release Date: 11/30/2006
> 5:07 AM
>
>
More information about the freebsd-questions
mailing list