Re: [TCLUG:14407] secure text editor

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:14407] secure text editor
From: David Carter <dcarter@visi.com>
Date: Tue, 7 Mar 2000 09:22:27 -0600
In-Reply-To: <Pine.LNX.4.20.0003061115050.873-100000@dmitri.bitstream.net>; from Dan Debertin on Mon, Mar 06, 2000 at 11:17:39AM -0600
References: <Pine.LNX.4.21.0003061100200.18188-100000@pyre.ossuary.net> <Pine.LNX.4.20.0003061115050.873-100000@dmitri.bitstream.net>
User-Agent: Mutt/0.96.1i

On Mon, Mar 06, 2000 at 11:17:39AM -0600, Dan Debertin wrote:
> On Mon, 6 Mar 2000, Scott wrote:
> 
> >      Couldn't this problem be solved by adding a new group
> > (ie. sudokids), making those unlucky few who have to deal with
> > them a member of said group, then chown the files as necessary?
> 
> Yeah, that's what I'm looking into right now. Thing is, I'm unsure if BIND
> is picky about perms/ownerships on its zone files. If I start playing
> around with perms, and named starts dying & complaining about bad perms,
> then obviously we have a problem :). We've had similar a problem with
> sendmail here, so that is why I am cautious.

A better solution would be to use RCS or CVS.  (This also gives you a
history of changes...)  Allow those certain users write access to the RCS or
CVS tree, and have a script in cron which periodically checks out changed
files and puts them in the 'real' location(s).  This way, there's no need to
give sudo privs to anyone.

-- 
David Carter ** dcarter@visi.com
Network Engineer -- VISI.com
PGP Key 581CBE61: E07EE199C767C752 8A8B1A9F015BF2EA 
Key available by finger or www.keyserver.net.

References:
- Re: [TCLUG:14407] secure text editor
  - From: Scott <pope@ossuary.net>
- Re: [TCLUG:14407] secure text editor
  - From: Dan Debertin <danield@bitstream.net>

Prev by Date: Re: [TCLUG:14449] HelixCode rocks
Next by Date: Re: [TCLUG:14453] Removing a Process
Prev by thread: libmutt = on crack
Next by thread: Ghost for Linux
Index(es):
- Date
- Thread