On Tue, Sep 08, 1998 at 02:04:48AM -0700, Philippe Troin wrote: > Michael Bramer wrote: > > > Hello > > > > From the Readme: > > # Runas is a program that allows the super-user to run a program as if > > # an ordinary user ran it. There are two main uses for runas, and both relate > > # to security. > > # > > # One is to allow the super-user to execute a binary given by an > > # un-trusted user. Suppose the program is /usr/smith/program. The super-user > > # simply creates a dummy account, say one called 'nobody' which doesn't have > > # sufficient privileges to do any harm (the account needn't have login > > # capability). The super-user can then do: > > # > > # 'runas nobody /usr/smith/program' > > Out of my head, this is a runas clone: > #!/bin/sh > user=$1 > shift > exec su -c "'$@'" $user but only a clone :-) see runas --help: Usage: runas [ options ] [ -- ] user_name executable [ param1, param2, ... ] The following options are available: -d directory Set the initial directory -c directory Set the root directory -g Run in own process group -p number Adjust priority (-20 = max, 20 = min) -i filename Redirect input from file -o filename Redirect output to file -e filename Redirect errors to file Order of execution is: Change group, change directory, redirect, change root, establish process group, set priority, change user id, execute. RunAs -- Version 1.01 -- Copyright (C) 1994 -- S. Joel Katz Grisu -- Michael Bramer - a Debian Certified Linux Developer http://www.debian.org PGP: finger grisu@master.debian.org -- Linux Sysadmin -- Use Debian Linux "Now let me explain why this makes intuitive sense." --- Prof. Larry Wasserman
Attachment:
pgpEXMErXmA2a.pgp
Description: PGP signature