LISA 2001 Abstract
SUS - An Object Reference Model for Distributing UNIX Super User Privileges
Peter D. Gray, University of Wollongong
Abstract
This paper describes a system administration tool which allows a
user to run a command as root or as some other user after
authenticating. Unlike most other commands of that ilk, SUS attempts
to treat the command and its arguments as references to system
objects, and allows for relatively powerful matching on the attributes
of those objects to determine if the user should or should not be
allowed to execute the desired command. In addition, SUS has a mode to
help limit the number of setuid utilities needed to provide user
services via the web.
- View the full text of this paper in
HTML,
PDF, and
PostScript.
The Proceedings are published as a collective work, © 2001 by the USENIX Association. All Rights Reserved. Rights
to individual papers remain with the author or the author's employer.
Permission is granted for the noncommercial reproduction of the complete
work for educational or research purposes. USENIX acknowledges all
trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.
|