ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Loughran <>
Subject Re: Backup before deploy
Date Wed, 23 Nov 2005 14:29:19 GMT
Bozorgdadeh, Afshin wrote:
> My last 2cents
> You could get the job done or you could just brain storm about it.
> When you are su to a different user you are creating a chilled process,
> so your script has to have a way to communicate with a child process. In
> the good old day there was a scripting language name "EXPECT" which
> could pass the arguments to the chilled process. But I think you problem
> is much simpler than that. Let's break it up in two sections.
> Second section first.
> 2) tar and gzip files with a to privileged restricted location allowed.
>     There is a concept of "sticky bit" in UNIX you could create a script
> that will run as a privileged user. But anybody could run that scrip.
>    #!/usr/bin/sh
>    # script to backup file as BIG DUDE
>    # scrip name =
>    tar cvf /BackupDirectory/Mydailybakup.tar    /sorce/needto/bakup/*
>    gzip /BackupDirectory/Mydailybakup.tar    
> after saving this file you have to make this a sticky bit it
>    login as the priviladged user and > chmod 4755

On my list of things never to do on unix, "suid root scripts" are on 
there, right up with "never go 'rm -rf /etc'"

Its too insecure, dont ask me why, just do the research :) I believe 
that recent versions of solaris turn of suid root scripts for security 

Make it a suid root binary.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message