diff options
| author | David E. O'Brien <obrien@FreeBSD.org> | 1997-04-24 08:02:43 +0000 |
|---|---|---|
| committer | David E. O'Brien <obrien@FreeBSD.org> | 1997-04-24 08:02:43 +0000 |
| commit | fc543e03c6e44692cbee4f2db32f3a9a956f2623 (patch) | |
| tree | 1e0519eafbfb1d4e18c98ff37cb86f35d5732e56 /security/super | |
| parent | Uncomment -DSTDHEADERS so that we can use Bruce's work. (diff) | |
Super is a setuid-root program that offers
o restricted setuid-root access to executables, adjustable
on a per-program and per-user basis;
o a relatively secure environment for scripts, so that well-written
scripts can be run as root (or some other uid/gid), without
unduly compromising security.
See pkg/DESCR for a comparson w/sudo.
Notes
Notes:
svn path=/head/; revision=6282
Diffstat (limited to 'security/super')
| -rw-r--r-- | security/super/Makefile | 34 | ||||
| -rw-r--r-- | security/super/distinfo | 1 | ||||
| -rw-r--r-- | security/super/pkg-comment | 1 | ||||
| -rw-r--r-- | security/super/pkg-descr | 52 | ||||
| -rw-r--r-- | security/super/pkg-plist | 8 |
5 files changed, 96 insertions, 0 deletions
diff --git a/security/super/Makefile b/security/super/Makefile new file mode 100644 index 000000000000..4d0260e3cc9b --- /dev/null +++ b/security/super/Makefile @@ -0,0 +1,34 @@ +# ex:ts=8 +# Ports collection makefile for: foo +# Version required: 3.9.7 +# Date created: Fri Mar 18, 1997 +# Whom: David O'Brien (obrien@FreeBSD.org) +# +# $Id: Makefile,v 1.2 1997/01/25 18:08:40 obrien Exp $ +# + +DISTNAME= super-3.9.7 +CATEGORIES= security sysutils +MASTER_SITES= ftp://phobos.caltech.edu/users/will/ +EXTRACT_SUFX= .shar.gz + +MAINTAINER= obrien@NUXI.com + +EXTRACT_CMD= zcat +EXTRACT_BEFORE_ARGS= +EXTRACT_AFTER_ARGS= |sed -e '1,/Cut Here/d'|sh +MAN1= super.1 setuid.1 +MAN5= super.5 + + +post-install: + @strip ${PREFIX}/bin/super ${PREFIX}/bin/setuid + @${MKDIR} ${PREFIX}/share/examples + @${INSTALL} ${WRKSRC}/sample.tab ${PREFIX}/share/examples + @${INSTALL} ${WRKSRC}/sample.cdmount ${PREFIX}/share/examples +.if !defined(NOPORTDOCS) + @${MKDIR} ${PREFIX}/share/doc/super + ${INSTALL_MAN} ${WRKSRC}/README ${PREFIX}/share/doc/super +.endif + +.include <bsd.port.mk> diff --git a/security/super/distinfo b/security/super/distinfo new file mode 100644 index 000000000000..4c5aaa81cfe1 --- /dev/null +++ b/security/super/distinfo @@ -0,0 +1 @@ +MD5 (super-3.9.7.shar.gz) = f554d775b06b7f57af9a0c93fb058c2d diff --git a/security/super/pkg-comment b/security/super/pkg-comment new file mode 100644 index 000000000000..3c4199465c2c --- /dev/null +++ b/security/super/pkg-comment @@ -0,0 +1 @@ +Allow others to run commands as root. diff --git a/security/super/pkg-descr b/security/super/pkg-descr new file mode 100644 index 000000000000..ef2e077e8f82 --- /dev/null +++ b/security/super/pkg-descr @@ -0,0 +1,52 @@ +Super is a setuid-root program that offers + + o restricted setuid-root access to executables, adjustable + on a per-program and per-user basis; + + o a relatively secure environment for scripts, so that well-written + scripts can be run as root (or some other uid/gid), without + unduly compromising security. + +Sample uses: + - to call a script that allows users to use mount(8) on + cdrom's or floppy disks, but not other devices. + + - to restrict which users, on which hosts, may execute a + setuid-root program. + + - to allow groups of trusted users (e.g. an "operator" group) complete + root access to sets of selected commands such as, say, line-printer + control commands, without giving away access to other commands, + and with full logging of all commands used. + + +Super and sudo +-------------- +Sudo -- + Sudo allows a permitted user to execute a command as the superuser. + Its central design philosophy is that each user can be + trusted when executing certain commands. This is implemented + by allowing each user to execute the restricted commands for + which s/he is trusted, without giving access to other restricted commands. + +Super -- + The design philosophy behind super is two-fold: + (a) some users can be trusted when executing certain commands; + (b) there are some commands, such as a script to mount CDROM's, + which you'd like to be safely executable even by users who + are NOT trusted. Although setuid-root scripts are insecure, + a good setuid-root wrapper around a sensible non-setuid script + can be hard to break, and super provides that wrapper so that + even a non-trusted user can use the scripts. + +In the author's view, the main differences to the administrator are: + + (1) the files that specify valid user/command combinations have + a different look and feel. + + (2) super provides a safe wrapper for scripts, so that a + well-written script can be run safely by ordinary + users without having to actually trust them. + + +-- David (obrien@FreeBSD.org) diff --git a/security/super/pkg-plist b/security/super/pkg-plist new file mode 100644 index 000000000000..a6c6e48eddec --- /dev/null +++ b/security/super/pkg-plist @@ -0,0 +1,8 @@ +bin/super +bin/setuid +man/man1/super.1.gz +man/man1/setuid.1.gz +man/man5/super.5.gz +share/examples/sample.tab +share/examples/sample.cdmount +share/doc/super/README |