Re: [Rails] ruby edit sudo file

Ruby on Rails Monday, December 23, 2013


I am using the below command and now its not asking password but i think its not a secure way...

      system("echo systempassword | sudo -S ruby example.rb")
      example.rb:
       in this .rb file i am opening my apache2 file and editing successfully using ruby File class.



On Monday, December 23, 2013 12:58:04 PM UTC+5:30, tamouse wrote:
On Mon, Dec 23, 2013 at 12:59 AM, saravanan p <psaravana...@gmail.com> wrote:
I am trying to edit apache2 https.config file which require sudo permission through my ruby scripting.


Be very very careful with this. It can easily leave you wide open to a hack.

Assuming you do really mean a ruby script, and nothing in your Rails app, you can set the setuid bit with chmod and chown the script to root. When it executes, it will execute with root persmissions.

Given you've not been able to find this information yourself, I'd again caution you not to do this.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/42145dcd-ef3d-447e-94b7-095eb24da38e%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Posted by Ruby on Rails at 11:18 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)