Timeline for Linux: Can I make a file unreadable by a user but readable by a script being run by that same user?
Current License: CC BY-SA 4.0
3 events
| when | what | | by | license | comment |
|---|---|---|---|---|---|
| May 30 at 12:35 | comment | added | cas | | i.e. write two scripts, with one script doing most of the work as the user, and using sudo to run the second script. Apart from performing various checks, the second script should do only the bare minimum required to access and use the key file. Preferably, it should not take arguments or use any variables from the environment (e.g. don't rely even on $PATH, use hard-coded executable paths). It should not ever, under any circumstances, pass the crypto key to the user or any of their processes. It should use the key and discard it immediately. |
| May 30 at 12:33 | comment | added | cas | | +1. You've written about 90% of the answer that I would have. The main thing to add is that instead of allowing the user to run anything as the uid that can read the encryption-key file, sudo could be configured to allow the user to only run one script as that uid, and that script could perform various checks, e.g. to ensure that its parent process was some other specific script before reading and using the key file. |
| May 30 at 12:07 | history | answered | Sotto Voce | CC BY-SA 4.0 | |
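
The privileged half of the two-script split described in the comments above, as an added example that is not part of the original answer or comments. The install path, the `alice` and `keyowner` accounts, the file locations and the gpg invocation are assumptions; it covers the argument, environment and key-file checks only.

```shell
#!/bin/sh
# Added example (hypothetical names). Assumed sudoers rule; the trailing ""
# makes sudo refuse any command-line arguments:
#   alice ALL=(keyowner) NOPASSWD: /usr/local/libexec/use-key ""

# Ignore the caller's environment: fixed PATH, default IFS, no startup files.
PATH=/usr/bin:/bin; export PATH
unset IFS ENV BASH_ENV CDPATH

# Hard-coded paths (assumed locations; adjust per distribution).
STAT=/usr/bin/stat
ID=/usr/bin/id
GPG=/usr/bin/gpg
KEY_FILE=/etc/use-key/passphrase      # owned by keyowner, mode 0400
DATA_FILE=/var/lib/use-key/data.gpg   # the only input the helper reads

# Succeeds only when called with no arguments at all.
reject_args() {
    [ "$#" -eq 0 ]
}

# The key file must be a regular file (not a symlink), owned by the uid the
# helper runs as, and carry no group/other permission bits.
key_file_ok() {
    f=$1
    [ ! -L "$f" ] && [ -f "$f" ] || return 1
    [ "$("$STAT" -c %u "$f")" = "$("$ID" -u)" ] || return 1
    case "$("$STAT" -c %a "$f")" in
        400|600) return 0 ;;
        *)       return 1 ;;
    esac
}

main() {
    reject_args "$@"        || { echo "use-key: arguments refused" >&2; return 2; }
    key_file_ok "$KEY_FILE" || { echo "use-key: unsafe key file" >&2; return 3; }
    # gpg reads the passphrase from the file itself, so the key never appears
    # in argv, the environment or this script's output.
    "$GPG" --batch --quiet --pinentry-mode loopback \
        --passphrase-file "$KEY_FILE" --decrypt "$DATA_FILE"
}

# Run only when installed under the name the sudoers rule allows.
case "$0" in
    */use-key) main "$@"; exit $? ;;
esac
```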