P is for Practical | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
[reordered] Hope that helps you.Thx, talexb, it certainly does. I opted for /opt, but I have to say that I'm confused about whose turf it is. I found that I could only scp as root:
I think to remember someone with greater experience writing that it's best not to ssh as root. (Is that a thing?) Update: I was trying to recall what afoken wrote in Re^7: [OT] A New Everything ?. The caution wasn't against ssh'ing as root per se, but doing so with password authentication:
For where I ended up, I found the links refreshing to reread, in particular Greetings and salutations | sudo. In the wake of reading that I'm sshing as root with impunity, and doing things without using sudo. Another link I found in the rereading worth reposting is the Debian Administrator's Handbook by Raphaël Hertzog and Roland Mas End Update Anyways, I was confused about whether root or fred should own things and decided to make a group:
I thought 770 was the right permissions for this situation in terms of inclusion and exclusion. (?) And after changing the group behavior, I'm able to scp as fred to a directory that's owned by root. I would use crontab.Ok. I think I've got this lined up to go off at 6 tomorrow morning: However, I'm not exactly what this script is meant to do -- just check that the environment is clean? How is the output being used? Are you just logging on a looking at the output? Is there going to be a cron job that E-Mails this to you? Are you going to look at the results on a web page? Will the script stop if it's installed in a bad location? Several questions there. 1. The code to dump the environment is just the stub-out to see what's there. I'll make some comparisons to see if my Begin section is pruning anything away.2. The output at this point is simply proof that I can do some minimal thing. 3. Output would eventually inform my day. 4. I would like an e-mail out of this. Is there some preferred way to do that? 5. I want weather reports logged so that Template can use the values to display a webpage. I'd also like a couple of useful screenshots and will see if I can use Corion's automated browsers to that end. I'd like to imitate the keystrokes I make almost every time I figure out what dangers to avoid in the mountain west. 6. I'm not sure whether this whole business of checking where the script is by comparing it to a hardcoded string in the Begin section solves any realistic attack. I still don't know what an attacker "looks like" from a perl/unix perspective. Anyways, I'm pushing close to midnight local, so time for me to celebrate sleep and hope that I wake up to automatic output in the year 2022. Cheers.... In reply to Re^2: creating a secure environment for perl scripts to run
by Aldebaran
|
|