3
So Linux does an excellent job in managing rights per user. You all know the file and process management.
But is it also possible to create a virtual private network interface?
Say Linux user John Doe (jdoe) wants to test network software without being root and disturbing the real netif. Can you create an interface that belongs to jdoe only? Like eth0, eth1 and ethJdoe, making ethJdoe belonging to jdoe.
1FYI, pipes are never passed to
sudo
commands. – user1686 – 2011-06-03T12:13:04.750@grawity: i mean when they sudo the shell script, the shall script may insert [whatever] into the command. they need to write that into the shell script. – bubu – 2011-06-03T14:26:57.530
Isn't it a security nightmare to proof the shell script 'if eth0 [whatever]'? – bbaja42 – 2011-06-03T17:23:18.310
yes but if you can entrust a user to do with an interface, that's a lot of trust. if you ever think you need to truly security proof something (under linux, that is) but giving interface control to somebody, the decision maker is likely smoking crack. – bubu – 2011-06-03T17:49:17.387
Thank you all, I was just curious if that was possible at all. – pwn4g3 – 2011-06-11T10:22:25.843