Is there a way to require a user to wait a certain time instead of asking for a password every time he wants to execute a command as root or access the root / or another user account?
Is there a way to require a user to wait a certain time instead of asking for a password every time he wants to execute a command as root or access the root / or another user account?
Sure, though I advise against it. The following C program can do that:
#include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, char **argv) { if (argc < 2) { fprintf(stderr, "usage: %s <command> <args>...", argv[0]); return EXIT_FAILURE; } printf("Executing"); for (int i = 1; i < argc; ++i) { printf(" %s", argv[i]); } puts("\nPress ^C to abort."); sleep(5); if (setuid(0)) { perror("setuid"); return EXIT_FAILURE; } execvp(argv[1], argv + 1); perror(argv[1]); return EXIT_FAILURE; }As seen in:
$ gcc -O2 -o delay-su delay-su.c $ sudo chown root:sudo delay-su $ sudo chmod 4750 delay-su $ ./delay-su id $ id -u 1000 $ ./delay-su id -u Executing id -u ^C to abort 0This will allow anyone in group
sudoto execute any command as root. You may change the group to something else to control who exactly can run the program (you cannot change the user of the program).If there’s some specific command you want to run, it’s better to hard-code it or configure
sudoto allow execution of that command without password.Rare seeing someone using C for automation rather then Python
You cannot write setuid scripts. It must be a binary.
Ohh now I get it