On Tue, Dec 16, 2008 at 09:25:43AM +0000, Brett Parker wrote:
On 15 Dec 23:32, Dan Hatton wrote:
On Mon, 15 Dec 2008, Chris G wrote:
As I said I hardly matters as the command that needs to work is a backup command so anyone who can run the command can do just about anything they want - copy files, delete files, overwrite files, etc.
According to its manpage, super has the capability to restrict what arguments are given to a command as well as the command itself. I'm guessing sudo has similar functionality available, right?
Yes, indeed it does, but it becomes "interesting" to get the recipe right. The fact that the command option in ssh's authorized_keys is well documented, and there are many examples that show how to "safely" set up dirvish via it, not least of all: http://www.uno-code.com/?q=node/10
Now, as that limits the command to only what it trusts, i.e. only what is on the other machine in the authprogs.conf file... and stops *anything* else from running, i.e. there is no copy, delete or overwrite files... (also, sudo or super for firing off a rsync session is going to be a lot more complicated than just firing off the rsync session ;)
How do you back up files without copying them? :-)