Originally posted by Vijay Chinnasamy:
sudo sh - user -c command_or_script
um, that looks terribly insecure to me... i believe for that to work, you'd have to add
/bin/sh to
/etc/sudoers as a sudo-able command, wouldn't you? but that surely wouldn't be right, there's no end of ways the security of the shell could be breached.
i believe the "right" way to do this is to put the "
command_or_script" into
/usr/local/bin with root.root ownership, non-world-writable, and add that
command_or_script only to
/etc/sudoers. that way, you can run it as
user with:
<pre>
sudo -u user command_or_script</pre>
and let the system worry about the interpreter and its command line options.
[ January 14, 2005: Message edited by: M Beck ]