This is not a great idea - do you want smbmount or mount?
This makes the smbmount be setuid - it runs as the root user.
This would let users mount (& unmount if you setuid the the other file-smbunmount) Windows SMB mounted filesystems. Which is possibly the only valid mount/unmount you would want users doing. Otherwise they could trash your system. setuid on anything like mount is both a security risk and an open can of worms, waiting to crawl out.
Last edited by jim mcnamara; 09-08-2008 at 01:04 PM..
Hi
I have make a program that needs root privleges but any user can try to run it, so what I want it is, when any user tries( other than root ) to run the program, an input prompt would open to enter root password ( if user knows ) and program will run ( otherwise exit ), and after completing... (21 Replies)
Good day Guys!!!
I am currently making a script in AIX, the script runs a SAS job, the owner of the script is the root, but the SAS jobs cannot be run by the root, as it should be run by a user 'sasia'. But inside the script, root creates a logfile, so what I need is just to su to sasia for the... (3 Replies)
Hello,
As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>"
But how can I do to give the same rights to another physical user without using root user ? :confused:
I've try to create another user "toor" with the same primary... (4 Replies)
Hi all,
I am trying to eject the cdrom from a livecd after certain stage...
Now assuming that it is possible to eject,please consider my issue!!!
The OS boots into a regular user by default...so i am unable to use the eject command to push out the drive...
However if i try pfexec eject it... (3 Replies)
i have installed oracle 10g and two databases.
i enter database1 as sysdba and create a user called user1.i give the privileges as "select on" to user1.
i enter sqlplus from the shell prompt. i enter as user1. but when i do "select * from emp" i have a "the table doesn't exist". how can i give... (3 Replies)
Afternoon everyone,
I would want to ask that how/what privileges i should grant to a new user so that the user can clear /disable printing job queue?
Solaris OS: 5.9
Thanks. :b: (4 Replies)
My English is no very good.
I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password.
In Spanish:
Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
LEARN ABOUT OSX
lppasswd
lppasswd(1) Apple Inc. lppasswd(1)NAME
lppasswd - add, change, or delete digest passwords.
SYNOPSIS
lppasswd [ username ]
lppasswd -a [ -g groupname ] username
lppasswd -x username
DESCRIPTION
lppasswd adds, changes, or deletes passwords in the CUPS digest password file, passwd.md5. When run by a normal user, lppasswd will prompt
for the old and new passwords. When run by the super-user, lppasswd can add new accounts (-a username), change existing accounts (user-
name), or delete accounts (-x username) in the digest password file. Digest usernames do not have to match local UNIX usernames.
OPTIONS
lppasswd supports the following options:
-g groupname
Specifies a group other than the default system group.
SECURITY ISSUES
By default, the lppasswd program is not installed to allow ordinary users to change their passwords. To enable this, the lppasswd command
must be made setuid to root with the command:
chmod u+s lppasswd
While every attempt has been made to make lppasswd secure against exploits that could grant super-user privileges to unprivileged users,
paranoid system administrators may wish to use Basic authentication with accounts managed by PAM instead.
SEE ALSO lp(1), lpr(1),
http://localhost:631/help
COPYRIGHT
Copyright 2007-2013 by Apple Inc.
22 February 2008 CUPS lppasswd(1)