FW: FW: FW: Adding OpenBSD sudo to the FreeBSD base system?

[Stephen Major]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

http://www.freshports.org/security/sudo/


there it is in the ports tree do your research before saying that my claim
is baseless

And stop before you come back with saying you have to configure it.
Because that is exactly my point I do not have to configure anything to use
su.

And no you could not make sudo "out of the box" ready, for everyone's
application. Otherwise the default configs would already be that way when
you installed it from ports.

I only want 2 users on my system to be in the wheel group and su to full
root.

But the next guy might want sudo and be able to give limited access to to
several "sub-admins"

- From my perspective su is more secure than sudo in the fact that an idiot
admin cannot screw it up. Unless they set some dumb root password for
example: 1234admin


- -----Original Message-----
From: asym [mailto:bsdlists at rfnj.org] 
Sent: Thursday, July 21, 2005 12:05 PM
To: Stephen Major; freebsd-security at freebsd.org
Subject: Re: FW: FW: Adding OpenBSD sudo to the FreeBSD base system?

At 14:41 7/21/2005, Stephen Major wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA512
>
>Sudo requires extra configuration that su does not.
>
>Why should I have to waste my time configuring another app just because a
>handful of people want it? I like su and how it works and I guarantee I am
>not the only one. You want it replaced replace it your self
>cd /usr/ports/security/sudo && make install clean
>
>That simple! Don't waste our time because you want something to be easier
>for you

No such implication exists.  Your claim is baseless.

If sudo WERE included in the base system, the default configuration COULD 
be setup to mimic the very simplistic behavior of su.  Hence, you would 
have to do absolutely nothing, it would only save work.

I agree that if sudo is to be called as su (via symlink) as someone else 
pointed out, then it should behave the same way, but that's a simple thing 
to do even if sudo doesn't currently support it.  I don't know, I only use 
su long enough to install my "must haves" like sudo, then never again.



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)

iQEVAwUBQt/0XqKXvLS903/FAQpxpggArPEwNlSgmtqgTvKiSHGpaL7V+0eQRkZ8
jlkZS2weOp3Q8mUtuvTDoJK19LbGT5KDAo4LnzOC3s9W1dYrGT/G5u+hbE67Mrtk
pVymrszhRLiZbjGbAQ1q0nA1tYEykkE/xOJ1aTHLg9phct6tM2MEVVXeVGRbgeTN
SawZ6bqzPtbNN5AtbpJcRVUzYgyaE3YNKsRGJXecNu2MKFyk/90C2mOVu1Td3jHf
/iZiXT8RTHl72lLszZlDOmtTzgZ2rzFBraWIiiEwucsaGUJNia9C46PDQJPyAZZS
L1pnvY0UZdrPYheF4FrM6ETMFsjwlNSz3s/SJ3rysMK0bybUo507Iw==
=zL/5
-----END PGP SIGNATURE-----