[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [LTP] What is "super"
On Mon, Mar 12, 2001 at 09:45:59PM +0100, Urban Widmark wrote:
> I put the full path in the sudoers file and then ran the script. I tested
> again now and it still works for me, so it's not that I did something
> special the first time.
Hmm, I'll have to tinker with it more.
> Btw, isn't it a bit dangerous to run without pathname, ie 'super foo' ?
super uses a restricted list of programs just like sudo does. Unless
you do something wrong in /etc/super.tab, there isn't anything dangerous
about it. I did notice that running "super foo" with foo listed in
/etc/super.tab, but not in your path works, which probably shouldn't.
> If I modify runalltest.sh to put my personal bin dir first, I can run
> whatever I want as foo with root permissions. In most cases this is a
> non-issue I guess, since the person running ltp is probably a developer on
> a single user machine. But still?
Did you actually do this? I don't think it's possible, but I'll have to
try it out.
Nate Straz email@example.com
sgi, inc http://www.sgi.com/
Linux Test Project http://oss.sgi.com/projects/ltp/