List Info

Thread: note 61873 added to function.exec
note 61873 added to function.exec
user name
 2006-02-14 12:10:42 
(quoting rassehund) "Just find sudoers in your system
and add there rights to NOBODY."

This is, of course, a MAJOR security risk. You don't need
sudo if you use it like that, you might just as well change
permissions for all commands and paths.

For remote server administration, if I don't use ssh, I
would let root run cronjobs that look at configuration
parameters which were set using a web interface, preferrably
using a database (for comfort) and input checks (for
security). The logging/status/statistical information that
the cronjobs produce are also made available via a web
interface.

That way, you don't have to perforate your security
mechanisms. And one more personal opinion: sudo isn't that
safe anyway: ever tried "sudo bash" or
"sudo vi"? I would avoid using it, if you get
groups and permissions right, you are not going to need it.
----
Server IP: 212.124.37.9
Probable Submitter: 84.59.33.179
----
Manual Page -- http:/
/www.php.net/manual/en/function.exec.php
Edit        -- http://master.php.net/manage/user-notes.php?action=
edit+61873
Delete: added to the manual -- htt
p://master.php.net/manage/user-notes.php?action=delete+61873
&report=yes&reason=added+to+the+manual
Delete: bad code            -- http://master.
php.net/manage/user-notes.php?action=delete+61873&report
=yes&reason=bad+code
Delete: spam                -- http://master.php.
net/manage/user-notes.php?action=delete+61873&report=yes
&reason=spam
Delete: useless             -- http://master.p
hp.net/manage/user-notes.php?action=delete+61873&report=
yes&reason=useless
Delete: non-english         -- http://mast
er.php.net/manage/user-notes.php?action=delete+61873&rep
ort=yes&reason=non-english
Delete: already in docs     -- http://
master.php.net/manage/user-notes.php?action=delete+61873&
;report=yes&reason=already+in+docs
Delete: other reasons       -- http://master.php.net/manage/user-
notes.php?action=delete+61873&report=yes
Reject      -- http://master.php.net/manage/user-
notes.php?action=reject+61873&report=yes
Search      -- http://ma
ster.php.net/manage/user-notes.php

-- 
PHP Notes Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub
.php
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )