Established method to enable suid scripts?
krad
kraduk at gmail.com
Fri May 13 12:41:08 UTC 2011
On 13 May 2011 11:07, Chris Telting <christopher-ml at telting.org> wrote:
> On 05/13/2011 01:32, krad wrote:
>
>> what i cant understand is the complete aversion to sudo. Could you shed
>> any light on why you are trying to avoid a tried and tested method.
>>
>
> That I freely admit is for no rational reason. It's just annoying. But let
> me ask you.. is "sudo ping" acceptable? Please explain the logical reason
> why not. It would be the preferred method if suid didn't exist and sudo was
> part of the base system.
>
> Happy Friday.
>
>
Without knowing your security policy its difficult to say. However from an
adhoc point of view I dont see why not assuming what you are doing with it
needs root privilege. Its also far less risky than giving a user access to a
box.
Again without knowing your security policy, i dont see why sudo coming from
ports vs base system is really relevant. As long as said port is audited to
the same level or higher than the base system i dont see any problem.
More information about the freebsd-questions
mailing list