Re: Change root > normal user?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 19Sep2006 08:20, Aaron Konstam <akonstam@xxxxxxxxxxxxx> wrote:
| Although sudo is ok if you want to give execution permissions to a small
| group of users, if you want to give permission to all users to execute a
| program that needs root privileges when running, then SUID through:
| chmod u+s  seems more direct.

And very very much more dangerous. Setuid programs need to _know_ they
are setuid when they were designed and written. They must decide for
themselves if they should be doing what is asked.

With sudo, you express in the config file who can run things and often
exactly what they may ask.

NEVER EVER randomly "chmod u+s' arbitrary programs. It is a gaping
security problem.

Cheers,
-- 
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
http://www.cskk.ezoshosting.com/cs/

I've seen things you people wouldn't believe.  Attack ships on fire off the
shoulder of Orion. I've watched C-beams glitter in the dark near the
Tannhauser Gate.  All these memories will be lost in time, like tears in rain.
        - Roy Baty, _Blade Runner_


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux