6185Re: "ocaml_beginners":: Permissions and processes
- Jul 2 10:46 AMOn Sun, Jul 02, 2006 at 02:19:15PM -0000, roparzhhemon wrote:
> My question is : can you create within Ocaml a functionThis is a general Unix question, and nothing particular to OCaml.
> execute_with_perm : string->string->process_status
> (in the vein of Unix.system)
> such that
> execute_with_perm comm passwd
> executes the command comm, providing the
> password passwd to gain the right to do it ?
> For example,
> execute_with_perm "sudo doSomethingDangerous" "abracada"
> would allow the (currently logged) user whose passwd is "abracada" to execute
> the command "doSomethingDangerous".
It looks like you need to investigate the '-S' option to sudo. You
can run 'sudo -S doSomethingDangerous' using the Unix.open_process_out
function, then send the password to sudo over the channel.
Other options include having a setuid executable or a daemon to manage
the transition between users, but unless you know what you're doing,
you will probably end up just adding a security hole to the system.
Richard Jones, CTO Merjis Ltd.
Merjis - web marketing and technology - http://merjis.com
Team Notepad - intranets and extranets for business - http://team-notepad.com
- << Previous post in topic Next post in topic >>