[X-Unix] App launched by my crontab runs as root if Login Window!
Brian Medley
bpm-list-osx-unix at 4321.tv
Mon Jun 6 21:50:08 PDT 2005
On Mon, Jun 06, 2005 at 12:51:13PM -0700, John Baltutis wrote:
> >> If a root account is enabled, and I log in as root, I can go anywhere
> >> on the computer into 'my' 'root' 'home', into other accounts, etc).
> >> But with no root enabled, there are 'walls'...sudo, or no sudo.
> >>
> > If I'm not mistaken, root disable, or not, you can still sudo su - and
> > go wherever you want to.
>
> You're mistaken. When you launch Terminal, it normally starts up in your
> home directory. Now, if you enter this command:
>
> $sudo cd /private/var/root
Will you please explain to me how:
a) sudo can run a shell builtin
b) the fork'ed/exec'ed process can change the
working directory of the parent process
What I'm saying is that there is _no_ "cd" command. The unix
process design dictates that it must be a shell builtin.
> enter your admin password, you're not taken there.
>
> If you enter:
>
> sudo open /private/var/root/
>
> then, the Terminal pops up a dialog box with this admonition:
>
> "The folder "root" could not be opened because you do not have sufficient
> access privileges."
>
> The only way to execute those commands successfully is to enable the root
> user via the NetInfo Manager.app.
Yes, what you say above is true, less one thing: the _Finder_ is
what is being brought up, not Terminal. Given what another
poster in this same thread said, the "open" command will launch
the program using the logged in console user, not the user that
it is run at. Therefore, the Finder will try to open
/private/var/root as the console user (which is most likely not
root).
However, if you do want to open up /private/var/root using the
Finder, I believe this should do it:
$ sudo /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder \
/private/var/root
--
~`^`'~=-._.-=~'`^`'~=-._.-=~'^'~=-., \|/ (___) \|/ _,.-=~'`^`
@~./'O o`\.~@
"Knowledge is Power" /__( \___/ )__\ *PPPFFBT!*
-- Francis Bacon `\__`U_/'
_.-=~'``'~=-._.-=~'``'~=-._.-=~'`^`'~= <____|' ^^`'~=-.,__,.-=
~'^`'~=-._.-=~'`^`'~=-._.-=~'^'~=-.,__,.-==--^'~=-.,__,.-=~'`^`
More information about the X-Unix
mailing list