Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict access to .ksh scripts
Top Forums Shell Programming and Scripting Restrict access to .ksh scripts Post 302592071 by methyl on Sunday 22nd of January 2012 04:53:29 PM
Old 01-22-2012
Thank you jlliagre for this most useful post. Not sure how your link is relevant, but it was interesting.

Obvously "by the book" is referring to documented rules. I can do without inane and condescending responses to serious subjects.

The fundamental rule that you cannot elevate the permissions of the contents of a script by changing the permissions of that script file appears to be incorrect in your O/S. I shall explore more. Admittely it was true in some implementations of early unix, but it should not occur in a modern unix.

If the account "jlliagre" is not in the SECONDARY group "other" then your post is still hard to understand. I am sure you know an account can be in more than one group.

Ps. Don't take this personally. The subject of elevating permissions of Shell Scripts is sensitive to me. I have yet to see a modern example, but yours may well prove to be the first.
Last edited by methyl; 01-22-2012 at 06:05 PM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

restrict tcp-port access

Hi Is there any way to restrict the TCP-IP port usage. I want to restrict TCP-IP port 1500/1550 to the oracle osuser. Tanks in advance. Remi (2 Replies)
Discussion started by: remivisser
2 Replies

2. UNIX for Advanced & Expert Users

Apache restrict access with certificates

Hello! Does anyone know if it's possible to restrict access to apache webserver with certificates? What I want is that if a user has a certificate in his browser then he get's access, if not show error or another page. I would be very happy if someone knew! /D (2 Replies)
Discussion started by: Esaia
2 Replies

3. Red Hat

restrict access of a user to two directories only

Hi all, I am using RHEL 5.0 I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory. I do not want to change his login shell which is ksh or bash by default. Moreover, he should not even have read access of other directories. ... (10 Replies)
Discussion started by: vikas027
10 Replies

4. UNIX for Advanced & Expert Users

Restrict access to specific users.

Hi All! I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses). OS : Red hat linux Thanks! nua7 (6 Replies)
Discussion started by: nua7
6 Replies

5. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

6. Solaris

Restrict access to solaris10 [SOLVED]

Hello, I have a solaris10 sparc running on a server and it is a Sun DS (LDAP) server as well as LDAP client. I have changed ssh server port to something other than 22 but is there any way to configure that only users abc, def, ghi from LDAP can login via ssh? SSH software on solaris10 is... (0 Replies)
Discussion started by: upengan78
0 Replies

7. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

8. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

9. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

10. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

LEARN ABOUT FREEBSD

gshadow

GSHADOW(5)						   File Formats and Conversions 						GSHADOW(5)

NAME

       gshadow - shadowed group file

DESCRIPTION

       /etc/gshadow contains the shadowed information for group accounts.

       This file must not be readable by regular users if password security is to be maintained.

       Each line of this file contains the following colon-separated fields:

       group name
	   It must be a valid group name, which exist on the system.

       encrypted password
	   Refer to crypt(3) for details on how this string is interpreted.

	   If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, users will not be able to use a
	   unix password to access the group (but group members do not need the password).

	   The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp(1)).

	   This field may be empty, in which case only the group members can gain the group permissions.

	   A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line
	   represent the password field before the password was locked.

	   This password supersedes any password specified in /etc/group.

       administrators
	   It must be a comma-separated list of user names.

	   Administrators can change the password or the members of the group.

	   Administrators also have the same permissions as the members (see below).

       members
	   It must be a comma-separated list of user names.

	   Members can access the group without being prompted for a password.

	   You should use the same list of users as in /etc/group.

FILES

       /etc/group
	   Group account information.

       /etc/gshadow
	   Secure group account information.

SEE ALSO

       gpasswd(5), group(5), grpck(8), grpconv(8), newgrp(1).

shadow-utils 4.5						    01/25/2018								GSHADOW(5)
All times are GMT -4. The time now is 02:49 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy