Originally Posted by matthewg42
I'd like to add that the script there is really not programmed defensively. The only advantage over an suid script is that the people who are able to run it cannot look inside it to see what is happening, at least not directly (maybe they can trick it into printing itself).
Also, all graders are implicitly trusted not to mess with the student's files in a malicious way. There is no mechanism for the students to show that what has been marked is what they submitted. You could add some sort of signing or checksumming scheme for that I guess, where the student gets a sort of receipt which can be checked against what has been marked. That's a bit sinister though if you ask me - if the student cannot trust the grader, he/she is screwed either way.
Ok, I'm sure one of those things will work.
What I was currently trying is being held up because students can't change the owner or group for the file except to a group they are already part of which is no help (stupid of me to think they could).
However, there is that sticky bit that was mentioned. I've heard of how I can have them dump something in a directory whereupon it will immediately change owners due to the sticky bit. That would definitely get me where I need to be.
The only thing better is if I could get sudoers working (it's amazing how terrible the examples for sudoers are on the web).
Btw, first half of the Saints game is over... Saints defense actually looked good for once
so I'm in a good mood. It was mostly three and outs and the Bengals ultimately didn't score a single point (and looking at last year's record, they should have a pretty good offense). Now if I can just finish this program, there's a chance my Saturday night might even get better!