Loading ...
Sorry, an error occurred while loading the content.

Permissions and processes

Expand Messages
  • roparzhhemon
    Hello all, there s an issue I m still confused about although I read the Unix module documentation about it several times, probably because I couldn t simple
    Message 1 of 4 , Jul 2, 2006
    • 0 Attachment
      Hello all,

      there's an issue I'm still confused about although I read the Unix
      module documentation about it several times, probably
      because I couldn't simple code samples.

      My question is : can you create within Ocaml a function

      execute_with_perm : string->string->process_status

      (in the vein of Unix.system)

      such that

      execute_with_perm comm passwd

      executes the command comm, providing the
      password passwd to gain the right to do it ?

      For example,

      execute_with_perm "sudo doSomethingDangerous" "abracada"
      would allow the (currently logged) user whose passwd is "abracada" to execute
      the command "doSomethingDangerous".


      Ewan
    • Richard Jones
      ... This is a general Unix question, and nothing particular to OCaml. It looks like you need to investigate the -S option to sudo. You can run sudo -S
      Message 2 of 4 , Jul 2, 2006
      • 0 Attachment
        On Sun, Jul 02, 2006 at 02:19:15PM -0000, roparzhhemon wrote:
        > My question is : can you create within Ocaml a function
        >
        > execute_with_perm : string->string->process_status
        >
        > (in the vein of Unix.system)
        >
        > such that
        >
        > execute_with_perm comm passwd
        >
        > executes the command comm, providing the
        > password passwd to gain the right to do it ?
        >
        > For example,
        >
        > execute_with_perm "sudo doSomethingDangerous" "abracada"
        > would allow the (currently logged) user whose passwd is "abracada" to execute
        > the command "doSomethingDangerous".

        This is a general Unix question, and nothing particular to OCaml.

        It looks like you need to investigate the '-S' option to sudo. You
        can run 'sudo -S doSomethingDangerous' using the Unix.open_process_out
        function, then send the password to sudo over the channel.

        Other options include having a setuid executable or a daemon to manage
        the transition between users, but unless you know what you're doing,
        you will probably end up just adding a security hole to the system.

        Rich.

        --
        Richard Jones, CTO Merjis Ltd.
        Merjis - web marketing and technology - http://merjis.com
        Team Notepad - intranets and extranets for business - http://team-notepad.com
      • roparzhhemon
        ... In fact, in my experience the shell &bash on my Mac behave erratically and never seem to work the way the manuals or experts say they do ( I guess someone
        Message 3 of 4 , Jul 2, 2006
        • 0 Attachment
          --- In ocaml_beginners@yahoogroups.com, Richard Jones <rich@...> wrote:
          > This is a general Unix question, and nothing particular to OCaml.

          In fact, in my experience the shell &bash on my Mac behave
          erratically and never seem to work the way the manuals or experts
          say they do ( I guess someone just put a spell on me!), but whenever I find
          a way to translate it into Ocaml everything runs smoothly, which is why I
          asked a question like this on this list.

          Ewan
        • Oliver Bandel
          ... [...] I doubt that this is the case.... When you are unexperienced with the shell, you have to work with it for a while to get experienced. Also shell is a
          Message 4 of 4 , Jul 7, 2006
          • 0 Attachment
            On Mon, Jul 03, 2006 at 05:24:41AM -0000, roparzhhemon wrote:
            > --- In ocaml_beginners@yahoogroups.com, Richard Jones <rich@...> wrote:
            > > This is a general Unix question, and nothing particular to OCaml.
            >
            > In fact, in my experience the shell &bash on my Mac behave
            > erratically and never seem to work the way the manuals or experts
            > say they do
            [...]

            I doubt that this is the case....

            When you are unexperienced with the shell, you have to work
            with it for a while to get experienced. Also shell is a general
            name to different things: there are many shells. One that often
            is used in newer systems (OS-X and Linux) is the bash.
            There also is a programm called "shell", but this is the traditional
            unix shell, which not alwas is in use.

            So, some things may behave different, when people talk about shell-usage,
            because they may talk about different shells.

            I would think you have the bash as standard shell.
            You can get informations on your running shell by
            asking what value is in the shell-variable SHELL:

            ========================
            first:~ oliver$ echo $SHELL
            /bin/bash
            first:~ oliver$
            ========================

            So, I have bash as default shell.

            Is it the same at your system (I would think so).

            Are you new to programming also?

            Ciao,
            Oliver
          Your message has been successfully submitted and would be delivered to recipients shortly.