-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/12/2019 15.11, Anton Aylward wrote:
On 04/12/2019 16:58, Carlos E. R. wrote:
find /data/storage_b/cer/Pictures /data/storage_b/cer/Pictures.tmp /data/storage_b/cer/Pictures.astro -type f \ -exec sudo chgrp cer '{}' \; \ -exec sudo chmod u+r+w,g+r+w,o+r-w-x,-t '{}' \; \ -exec sudo setfacl -m g:users:r '{}' \;
With corresponding sudoers file entries:
OUCH OUCH OUCH!
You've max-imalized when you could have minimized.
Sudo at the 'find' level and you can get rid of the individual sudo. or just sudo the whole script.
I thought that sudoers do not allow scripts, only binaries. Other people can alter the script and thus access any command. Security hole. - -- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXekTAAAKCRC1MxgcbY1H 1VwkAJ9LqOT2s6GbTaiCRkSzQZHmkiGWbQCePqQjoPH9zaLYKl9/zy7LqbBfBO8= =nH7O -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org