SUMMARY: sudo and script

From: M selcukkaraca <selcuk.karaca_at_aski.gov.tr>
Date: Sat, 30 Sep 2000 22:42:02 -0700

Corinne Haesaerts
sysadmin_at_astro.su.se ( the really good info for help..)
Frank Wortner ( the winner .. thank you very much)
Darrly Cook
Yusuf Kursat Tuncel (dear Old friend... :)
Thank you


What was suggested:
1- Use dop (division of privileges). This is a program which asks with which
privileges the machine will run the program (let's say dxkerneltuner). It
runs, I think, only in a graphical user interface, and my problem was about a
script which will be run in text-based terminals. It also does not provide
a solution; it is far away from where the solution lies. But the wish
to help is much more important than what has been done, so accept my thanks.
2- sh and ksh function definitions are a bit different. I am using ksh, and it
accepts:

function Name
{
    blah; blah
}
But in sh it is different. So in fact there should be no error as long as I
am using ksh. As Frank stated, I must use
#!/usr/bin/ksh
at the beginning of the script. If you don't use it, then sudo runs it as
sh, and sh does not know the -function- keyword. It expects
funcName()
so this was the problem.
3- Use full path names with sudo.


-- Is it dangerous to use scripts with sudo?
Answer (from sysadmin_at_astro ...):

I think in your case the main risk will be from insecure coding in the
script itself. Anything that takes user input needs to be *very* careful
at validating it. But to answer your question, it's just as dangerous to
run a shell script with sudo as it is to have a setuid script, except for
the fact that sudo gives you more flexibility in controlling who is allowed
to run the script. But you still need to trust those users not to leverage
their privilege into a root shell. The same techniques exploiting race
conditions apply.




selcuk.karaca_at_aski.gov.tr
Unix sys Admin
ASKI - ANKARA
Received on Sat Sep 30 2000 - 19:42:10 NZST
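
Added example, not part of the original message or written by anyone quoted in it: a small script meant to be run through sudo that combines the three points above (function syntax that both sh and ksh accept, full path names, strict validation of user input). The install path, the sudoers entry, LOG_DIR and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; the install path, LOG_DIR and function names are hypothetical.
# Constructed sudoers entry, naming the script by full path:
#   alice ALL = (root) /usr/local/sbin/showlog

# Fixed environment: do not trust the invoking user's PATH or locale.
PATH=/usr/bin:/bin
LC_ALL=C
export PATH LC_ALL
umask 077

LOG_DIR=/var/log    # assumption: the only directory this script may read

# name() is understood by both sh and ksh, so the script does not break
# when it is started by sh instead of ksh.
valid_name() {
    case "$1" in
        ''|-*|.*)          return 1 ;;   # empty, option-like, hidden or ../
        *[!A-Za-z0-9._-]*) return 1 ;;   # slash, space, shell metacharacters
    esac
    return 0
}

show_log() {
    valid_name "$1" || { echo "refused: invalid log name" >&2; return 2; }
    target="$LOG_DIR/$1"
    # Only plain files: a symlink could point outside LOG_DIR.
    if [ -L "$target" ] || [ ! -f "$target" ]; then
        echo "refused: not a regular file" >&2
        return 3
    fi
    /usr/bin/tail -n 20 "$target"     # command called by full path
}

# Run only when an argument is given, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    show_log "$1"
fi
```

The symlink test and the later tail are two separate steps, so the check only holds if LOG_DIR is writable by root alone; otherwise the race conditions mentioned in the answer above apply.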
