On 19Sep2006 08:20, Aaron Konstam <akonstam@xxxxxxxxxxxxx> wrote: | Although sudo is ok if you want to give execution permissions to a small | group of users, if you want to give permission to all users to execute a | program that needs root privileges when running, then SUID through: | chmod u+s seems more direct. And very very much more dangerous. Setuid programs need to _know_ they are setuid when they were designed and written. They must decide for themselves if they should be doing what is asked. With sudo, you express in the config file who can run things and often exactly what they may ask. NEVER EVER randomly "chmod u+s' arbitrary programs. It is a gaping security problem. Cheers, -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ I've seen things you people wouldn't believe. Attack ships on fire off the shoulder of Orion. I've watched C-beams glitter in the dark near the Tannhauser Gate. All these memories will be lost in time, like tears in rain. - Roy Baty, _Blade Runner_
