Established method to enable suid scripts?
Alejandro Imass
ait at p2ee.org
Fri May 13 21:34:46 UTC 2011
On Fri, May 13, 2011 at 6:07 AM, Chris Telting
<christopher-ml at telting.org> wrote:
> On 05/13/2011 01:32, krad wrote:
[...]
> me ask you.. is "sudo ping" acceptable? Please explain the logical reason
> why not. It would be the preferred method if suid didn't exist and sudo was
> part of the base system.
The sudo versus suid theme is discussed ad-nauseam in many lists and
forums, as well as the C wrappers for doing stuff suid.
IMHO, however, sudo can give you more granular control though
paradoxically relies on suid itself.
The question here is why make the whole freaking interpreter suid when
you can granularly control the specific script.
Anyway, I would personally use a wrapper or sudo.
Cheers,
--
Alejandro Imass
More information about the freebsd-questions
mailing list