|
|
|
|
|
|
by timv
29 days ago
|
|
|
I wrote something like that about 15 years ago for a financial institution. For what we needed, we intentionally wanted both people to be at the same terminal (it was going to be used to give shell access to a specific unix account that ran a critical system). That mean that we could implement it as a setuid (root) binary that required both users to authenticate. It had a config file that worked like sudoers, and defined a list of commands that could be called, how many people were needed to authenticate, and which unix groups they had to belong to. |
|
|