Different password for the hosts file?

Discussion in 'Mac Apps and Mac App Store' started by dotcomlarry, Mar 4, 2005.

Most Liked Posts
  1. dotcomlarry, Mar 4, 2005

    dotcomlarry macrumors regular

    Joined:
    Jul 16, 2002
    Location:
    Akron, PA
    #1
    Hi all... I'm trying to block some domains from being accessed on my laptop that don't need to be.... only problem is, certain people can edit the /etc/hosts file just fine by punching in the password.... Is there a way to assign it a different password just for that file? I don't want to create new users (in fact, it's not an option... don't ask) or change my existing password (it's used by others). Any way to do this? Ideally i would only assign a new password to JUST the hosts file, but I'm not sure if this is possible (not much of a *nix geek).

    Thanks for any help in advance
     
    share
    + Quote Reply
  2. yellow, Mar 5, 2005

    yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #2
    No, you cannot do this.

    My suggestion.. create a new account that is NOT an admin account for the others that are using your PB. Since they are not part of the admin group, they are not in /etc/sudoers and cannot edit /etc/hosts.
     
    share
    + Quote Reply
  3. dotcomlarry, Mar 5, 2005

    dotcomlarry thread starter macrumors regular

    Joined:
    Jul 16, 2002
    Location:
    Akron, PA
    #3
    from looking at some of the documentation of the sudoers file, it would *seem* as tho i could edit the %admin group (which includes my account) to be able to do everything *but* edit the /etc/hosts file... that way they couldn't sudo the hosts file. Or.. am I wrong?
     
    share
    + Quote Reply
  4. yellow, Mar 5, 2005

    yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #4
    Have you looked at the sudoers man page? It's not easy to configure..

    And you'd have to create another account to edit /etc/hosts, or edit /etc/sudoers to allow you to do it, which these people you're trying to 'secure' can also do..

    Plus, I believe /etc/sudoers is only checked in the CLI, if someone tries to edit the file from inside the GUI from an admin account, they shouldn't be stopped.

    I still think creating a non-admin account for them would be the best (easiest) solution.
     
    share
    + Quote Reply
(You must log in or sign up to post here.)

Share This Page