lc shell and command line

Mike Bonner bonnmike at gmail.com
Mon Nov 14 11:26:52 EST 2011


if I recall correctly, you can grab a password from a file (as bd stated,
this is dangerous)

sudo su < filewithpword.txt; command 1; command 2; etc 3

scary thing to do though.

On Mon, Nov 14, 2011 at 8:31 AM, Bernard Devlin <bdrunrev at gmail.com> wrote:

> It may be that the easiest way around that is to edit /etc/sudoers and
> configure some username, such that said the logged-in user does not
> need to enter a password in order to call 'sudo su - auser'.  If you
> look inside /etc/sudoers it should explain what is required to make
> access to sudo passwordless for that user.  You can limit within
> sudoers which programs such a passwordless user can run.
>
> Basically, by encoding passwords inside scripts you are circumventing
> security policies.
>
> If you are really determined that the password should be stored in a
> script for some reason, then you may be able to get around unix
> security by piping a password to some program or by reconfiguring the
> tty (which is the component in unix that is prompting you for a
> password) such that it would take the password as a form of input
> other than from an interactive prompt.  A few days ago I saw in a book
> on shell scripting how to redirect tty, but I don't have it to hand
> now, and can't remember the details.
>
> Once you have your circumvention working from a command line
> (terminal), you should be able to pass that circumvention to shell()
> within a livecode script.
>
> I know that I have had to various forms of programmatic backflips to
> "work within" unix security policies.  I would focus on the problem as
> a unix command line problem first.  Then take that solution within
> LiveCode. If it can run from a .sh script, then you are most of the
> way to your solution.
>
> I would really research the issues around unix security and sudo, su,
> ssh thoroughly to understand the implications of what you are doing,
> and the potential holes you open up.  If you are wishing to su to root
> programmatically, then unix is going to try and stop you doing that.
>
> Bernard
>
> On Mon, Nov 14, 2011 at 2:31 PM, Peter Alcibiades
> <palcibiades-first at yahoo.co.uk> wrote:
> > Bernard, many thanks, yes, that works.  Can I ask one more question, how
> then
> > would you get the shell to interact, like if you do su and want to get
> the
> > password in, and then run a script that requires root password?  Or maybe
> > all that has to be done in shell?
> >
> > Peter
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



More information about the use-livecode mailing list