Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Replace /usr/bin/mail with Mail.app' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Replace /usr/bin/mail with Mail.app
Authored by: truhe on Aug 22, '03 09:39:57PM

I don't like the sudoers thing... it opens my machine in a way I don't want...

In another hint someone added an applescript as a comment. within the first lines there was a call to another applescript, running on a remote machine with another username and password which also works on the same machine. this would solve the problem. unfortunately, I was not able to find this script :(



[ Reply to This | # ]
sudo is fine grained
Authored by: vajonez on Aug 25, '03 05:37:02PM
I see many people talk about 'risk' when using sudo with NOPASSWD: and I agree, when applied broadly it is a little silly. However, sudo has very fine grained control over who can do what and as whom (either with or without a password).

Bad idea:
user ALL=(ALL) NOPASSWD: ALL

Better idea:
user localhost=(user_to_run_as) NOPASSWD: /path/to/some/program_or_script

This allows user to run /path/to/some/program_or_script as user_to_run_as on localhost with no password. You can include muliple users in the parentheses and even exclude users by preceding the username with a !, i.e. (ALL, !root) means all users except root.

This, IMO, certainly beats having scripts with passwords hardcoded into them in cleartext.

See man sudoers for more information.

[ Reply to This | # ]