Established method to enable suid scripts?

krad kraduk at
Fri May 13 12:41:08 UTC 2011

On 13 May 2011 11:07, Chris Telting <christopher-ml at> wrote:

> On 05/13/2011 01:32, krad wrote:
>> what i cant understand is the complete aversion to sudo. Could you shed
>> any light on why you are trying to avoid a tried and tested method.
> That I freely admit is for no rational reason. It's just annoying. But let
> me ask you.. is "sudo ping" acceptable? Please explain the logical reason
> why not. It would be the preferred method if suid didn't exist and sudo was
> part of the base system.
> Happy Friday.

Without knowing your security policy its difficult to say. However from an
adhoc point of view I dont see why not assuming what you are doing with it
needs root privilege. Its also far less risky than giving a user access to a

Again without knowing your security policy, i dont see why sudo coming from
ports vs base system is really relevant. As long as said port is audited to
the same level or higher than the base system i dont see any problem.

More information about the freebsd-questions mailing list