[Simh] simh and tap device under linux
Howard M. Harte
hharte at hartetechnologies.com
Tue Aug 25 11:26:06 EDT 2009
Those techniques will work, but the user will be able to CTRL/E and '!
sh' to get a root shell. You might want to disable the '!' command.
-Howard
On Aug 24, 2009, at 9:44 AM, Seth Morabito <sethm at loomcom.com> wrote:
> On Mon, Aug 24, 2009 at 12:08 AM, <ttmrichter at gmail.com> wrote:
>> Now the million-dollar question: is there any way to set this up so
>> that I
>> don't have to give someone full-on God Mode privileges to run the
>> emulator
>> properly? I'm not so sure I want to give this thing access to
>> everything on
>> my system at this time.
>
> There are two possible techniques. The first is changing the ownership
> of the executable to 'root' and setting the suid bit. For example:
>
> % sudo chown root pdp11
> % sudo chmod u+s pdp11
>
> This will allow anyone with rights to execute the program to run it as
> the root user.
>
> The other technique works as long as you have 'sudo' installed. You
> can add a line to your /etc/sudoers file to let a normal user (login
> 'foobar') run the executable as root:
>
> foobar ALL=NOPASSWD: /path/to/pdp11
>
> Then the user 'foobar' just has to type "sudo pdp11" to get it to run
> with root privileges. Other users won't be able to, only 'foobar'.
>
> Both techniques are a security risk, but as they say, life involves
> risk. :-) Only you can decide how much security trade-off you're
> willing to live with.
>
> -Seth
> _______________________________________________
> Simh mailing list
> Simh at trailing-edge.com
> http://mailman.trailing-edge.com/mailman/listinfo/simh
>
More information about the Simh
mailing list