ADSM-L

Re: Reenv.: Re: Root user using ADSM

1999-12-13 18:33:58
Subject: Re: Reenv.: Re: Root user using ADSM
From: Michael Lightfoot <michael.lightfoot AT CENTRELINK.GOV DOT AU>
Date: Tue, 14 Dec 1999 09:33:58 +1000
You can restrict a command to "dsmc backup <rest of command>" so that no
restores are possible.  You could restrict restores in a similar manner.  I have
set sudo up so that operators could perform simple actions - backup, shutdown,
etc. - from a menu of sudo commands.

Sudo also does its own auditing (to another machine if you like), so you can
tell who did what.

m.

"Alan R. White" <arw AT TIPPER.DEMON.CO DOT UK> on 14/12/99 08:00:17

Please respond to "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>


To:   ADSM-L AT VM.MARIST DOT EDU
cc:    (bcc: MICHAEL LIGHTFOOT/NSO/CSDA)
Subject:  Re: Reenv.: Re: Root user using ADSM



I wish these things were straightforward but... please note that if you let
a non-root user call dsmc via sudo or other programs they can effectively
find a way to log on as root or run commands as root.

Remember dsmc can be used to restore files too so they could, say, restore
their own version of the passwd file, create a .rhosts, hosts.equiv and so
on.

Regards
Alan
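
A sudoers fragment for the restriction discussed in this thread, added here as an example and not taken from either poster's configuration. The dsmc path, the "operators" group and the alias name are assumptions.

```sudoers
# Constructed example. Assumptions: the ADSM client is installed as
# /usr/bin/dsmc and operators are in the Unix group "operators".

# Send sudo's audit records to syslog; the syslog daemon can then forward
# that facility to another machine.
Defaults syslog=auth

# Weak: with no argument list, any arguments are accepted, so the group
# can run restores as root just as easily as backups.
# %operators ALL = (root) /usr/bin/dsmc

# Weak: a wildcard in the argument list matches across word boundaries, so
# extra words and options can be appended after the subcommand.
# %operators ALL = (root) /usr/bin/dsmc incremental *

# Restricted: each entry lists the complete argument string. sudo requires
# an exact match, so restore and retrieve are never permitted.
Cmnd_Alias DSMC_BACKUP = /usr/bin/dsmc incremental, \
                         /usr/bin/dsmc incremental /home
%operators ALL = (root) DSMC_BACKUP
```

Check the file with `visudo -c` before installing it, and confirm with `sudo -l` as an operator that only the listed commands appear.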