Date: Mon, 19 Jul 1999 01:47:35 -0700 (PDT) From: Vincent Poy <vince@venus.GAIANET.NET> To: "T. William Wells" <bill@twwells.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: how to watch the root user? Message-ID: <Pine.BSF.4.05.9907190145430.331-100000@venus.GAIANET.NET> In-Reply-To: <7muo54$reg$1@twwells.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Jul 1999, T. William Wells wrote: > In article <Pine.BSF.4.05.9907190100020.331-100000@venus.GAIANET.NET>, > Vincent Poy <vince@venus.GAIANET.NET> wrote: > : Ah, sudo or super. But would they need to login as themself then > : need another password sort of like su before they get the privileges or is > : there a way so they can default login and it has only those commands? > > There are such things as "restricted shells", which are supposed > to provide a restricted set of commands and functionality but the > security on those has always been questionable. There may actually > be such a beast which is actually secure but I would not bet money > on it. However, it would be easy enough to whip up a little perl > "shell" to run a set of commands and there may be some menuing > systems that will work for this but you'd have to go looking.... Yes, the problem is that one of our new customers is doing a virtual ISP at our location and from the old ISP which runs BSDI. It seems like they have a telnet account that will only go into a menu, all they can do is do adduser, rmuser and passwd on a certain user. I can do the shell script for the menus and stuff but I'm just trying to figure out how to give their sales associates access to do only those commands with root privileges and not others. Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9907190145430.331-100000>