[Gllug] Apache access to root-owned files

John G Walker johngwalker at tiscali.co.uk
Thu Jan 25 17:04:47 UTC 2007



On Thu, 25 Jan 2007 16:16:40 +0000 (GMT) Jason Clifford
<jason at ukfsn.org> wrote:

> On Thu, 25 Jan 2007, Christopher Mocock wrote:
> 
> > 
> > Obviously when finished, the script needs to be able to write to the
> > root-owned /etc/sysconfig/network-scripts/ifcfg-eth0 file.
> > 
> > The question is, what's the best (i.e. least insecure) way to do
> > this? I'll use .htaccess to make sure authenticated users only have
> > access to the CGI page, but obviously I'm concerned about the fact
> > that something may have to run as root temporarily in order to
> > write the file.
> 
> sudo calling a single command to effect the necessary change?
> 
> That way you can configure sudo to only allow that specific command
> to be used with root privileges.
> 

But wouldn't that still involve users having to know and use the root
password?

-- 
 All the best,
 John
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list