[ale] C question

Robert L. Harris robert.l.harris at gmail.com
Thu May 22 22:09:53 EDT 2014 

The only user-id change needed is for the one server to server connection.
 Everything else runs as the normal user.  I want to keep it as simple as
possible for the users as I'm really pushing the boundaries of their
technical ability by having them use putty in the first place let alone
asking them to run a command line.  The main perl script does all the logic
checking, etc already, but I don't want someone else finding and running
the setuid script and doing something malicious just because they can.


On Thu, May 22, 2014 at 7:20 PM, JD <jdp at algoloma.com> wrote:

> On 05/22/2014 07:37 PM, Robert L. Harris wrote:
> > The reason for the "system" is just to see what value I'm getting out.
> >
> > I have a perl script doing a bunch of processing which will be run by a
> couple
> > different users.  One aspect of the perl script is to connect to another
> machine
> > and run a command as a specific user.  Instead of having others know the
> passwd,
> > etc.  I have a hostkey set up from my server as a non-privledged user to
> another
> > system.  I want to have the C program setuid to the non-privledged user,
> ssh to
> > the second server and run 1 command with the only variable being XXXXX.
>  More
> > convoluted than I want but the safest method I can come up with to get
> just the
> > output I need from the second server.
>
> This sounds like a job for sudo to me.  I must be reading it wrong.
> sudo isn't just for root/admin needs.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
:wq!
---------------------------------------------------------------------------
Robert L. Harris

DISCLAIMER:
      These are MY OPINIONS             With Dreams To Be A King,
       ALONE.  I speak for                      First One Should Be A Man
       no-one else.                                     - Manowar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140522/ffc34211/attachment-0001.html>

More information about the Ale mailing list