LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-11-2007, 02:04 PM   #1
mpride
LQ Newbie
 
Registered: Dec 2006
Posts: 8

Rep: Reputation: 0
How do I save files with user security after launching app with sudo?


I want to allow some users on a redhat server run wireshark via sudoers. This works fine. However, when they save a capture file the file has root permissions and will not allow them to move or copy it. Is there anything I can do to get around this issue?

Here is a sample visudo entry:

username ALL=(root) NOPASSWD:/usr/sbin/wireshark

Last edited by mpride; 09-11-2007 at 02:05 PM.
 
Old 09-11-2007, 08:35 PM   #2
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
You could allow them to use sudo to change the permissions afterwards. You would need to be very careful to not allow them to change any other files. One way would be to require them to save to a particular filename, and only allow them to change that filename. (After the change, they could then move or rename it as desired.)

You could define an alias for them:

Code:
alias ch_ws_own='sudo chown $(id -un) /tmp/ws.dump'
And create the corresponding entry in sudoers to allow this to work. The one thing I am not sure of is if sudo will barf at the embedded id command in there, and I am not at a *nix machine to try it out. (If you only have a handful of users that need this, you could instead give each one their own command with their username explicitly in the command, and therefore not need to use id.)
 
Old 09-12-2007, 07:59 AM   #3
mpride
LQ Newbie
 
Registered: Dec 2006
Posts: 8

Original Poster
Rep: Reputation: 0
Thanks for the reply. Looks like that may be the best way to get around it.
 
  


Reply

Tags
sudo, wireshark


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I give a user permission to save files to /var/www/html? rotnay6000 Linux - Newbie 10 07-14-2009 09:45 PM
Launching app in X from apache/php? lsdev Linux - Software 1 06-09-2007 02:36 PM
Unable to save files downloaded from the internet on my user account chreon Linux - General 6 03-09-2006 05:05 AM
launching an app into a specific workspace? jasonv Fedora 0 11-14-2004 05:58 PM
Launching an app through telnet? P_Shep Linux - Newbie 2 10-22-2004 10:51 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration