[sclug] root-like read-all but not write ability?

David Given dg at cowlark.com
Wed Sep 5 22:13:32 UTC 2007

Hash: SHA1

John Stumbles wrote:
> A backup program I'm writing needs to be able to read all files and
> traverse all directories on the system (as root can do) but it would be
> nice if it didn't have to be trusted with root's write privileges, since
> it doesn't need them. I suspect this is one of those wouldn't-it-be-nice
> things that aren't actually possible, but maybe I'm missing something?

It's pretty hacky, but you could always export your root filesystem via NFS
with all_squash and ro, and then reimport it again; naturally, you restrict
importers to Be aware that this does allow the importer to see all
files, which is a bit of a security hole (to say the least!).

- --
??? ?????????????? ??? http://www.cowlark.com ???????????????????
? "There does not now, nor will there ever, exist a programming language in
? which it is the least bit hard to write bad programs." --- Flon's Axiom
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Sclug mailing list