![]() ![]() Leaving an applicative user with passwordless sudo is a security risk similar to just running everything as root. Perhaps you want to make use of a new file descriptor for some crafty magic.Ī consideration you should take if you use this is not using it in production. Similarly, they're also attached at their stdin, stdout and stderr file descriptor. By default, if the parent is killed gracefully (SIGINT/Ctrl+C), the child will be signaled to die, too. GrandPerspective is open source software for Mac OS X used for disk space analysis in a graphical treemap. ![]() Flexibility to completely detach the subprocess from its parent or not. One of the reasoning for this, I found, is both flexibility and debugging. In other words, it can do anything the rest can. ![]() Popen is worth learning and the recommended way to execute subprocesses, especially in the long run. You can prefix sudo and bash to your script's path as the executed command in order to achieve the same goal. others) have write permissions then they can simply edit the file, add themselves to root and change your PS1 to black on black.Īs advised by lior.i, I'm adding this option, too. Whoever can execute this file (group or others have execution permissions, especially) will run everything inside as root. Running an app as root Theres an app, GrandPerspective, that I use to graphically view disk use (cool app, try it out. chown root.yourgroupĪgain, the same security implications apply here. p_root script to root and whoever can execute it (group/others) will always run the script as root. This is a file permission that allows executing a script with its owner's permission. visudo /etc/sudoers.d/20-special-prootĮxample content (full path to executable used is mandatory) youruser ALL=(ALL) NOPASSWD: /usr/bin/bash /full/path/to/p_root The files within /etc/sudoers.d are read in order (convention is to name them 10-something, 20-else, etc). (Don't give more permissions than the minimum required unless you've thought out the implications.) (Don't give more permissions than the minimum required unless you've thought out the implications. The best Linux alternative is Baobab Disk Usage Analyzer, which is both free and Open Source. You can add your own files in that directory, to sanely manage your system. Note the use of (root), to allow the program to be run as root but not as other users. GrandPerspective is not available for Linux but there are plenty of alternatives that runs on Linux with similar functionality. sudo adduser root pulse-access And finally reboot the system. Otherwise, someone can exploit this and run arbitrary code as root by editing the file and adding their own content.Įach file in /etc/sudoers.d contains rules for sudo. default-server /var/run/pulse/native autospawn no Add root to pulse group. At least remove others' permission to write chmod o-w. It is imperative you lock down the script write permissions. ![]() p_root to be invoked with passwordless sudo. p_root invocation to be a passwordless sudo configuration in the sudoers.d directory. If a game asks for that to run, either you messed its installation (badly!) or it is malicious code.There are two (*) methods I can think of. Only use sudo if you are explicitly trying to modify your system and only when the modification is not to files on your user home folder.Īlso, games are closed source software that should *never* need sudo or root permissions to be able to run. If that is the case, try what Dirt圜amper suggested to fix permissions or at least try creating a new game library on your user home folder (with steam running unprivileged) and reinstall that game to this new folder.Īs a general rule of thumb, don't run anything with sudo/root permissions. Steam installs its game library and other files on the current user's home folder, but if you run it with sudo/root permissions it might see root as the user instead, then place files on the wrong location, wrong owner, wrong permissions. Did you run Steam as root too? If you did it might be part of the reason for your issue. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |