Anacron for non-root users?
Adam Funk
a24061 at yahoo.com
Thu Mar 8 13:15:11 UTC 2007
On 2007-03-07, Jeffrey F. Bloss wrote:
> This should work, but be aware that there's subtle differences between
> 'su' and 'sudo'. Mostly environment stuff whereby sudo might break some
> things su would not. They should be mostly resolvable if they're even an
> issue, but I do know the "standard" way to do what you're asking about
> is to use 'su' to run jobs as a user from within the safety of a root
> owned home.
Good point.
> The securnity issues are very real even in a single user environment to
> my way of thinking. In essence you're allowing complete control over
> processes initiated by root, and an undesirable channel of
> communication back to root's space, from the same space where browsers
> and other popular targets of attack reside. Conjoining two things that
> some very knowledgeable have worked long and hard to keep generally
> segregated, in fact. ;)
>
> My take-it-for-what-it's-worth suggestion would be to use anacron the
> way it was designed to be used, as the user it's designed to be used
> as. You are of course free to evaluate your own needs and concerns, and
> come up with a completely different acceptable balance of convenience,
> security, and functionality. :)
Well, as a result of this discussion and my investigation into how
anacron is run and runs other things, I've concluded that implementing
my original notion is a lot more trouble than it's worth!
Thanks.
More information about the ubuntu-users
mailing list