On Fri, 24 Dec 2010 03:39:15 +0000
hiro <23hiro_AT_googlemail.com> wrote:
> I'm still not going away like that.
>
> Why is a suid script more dangerous than i.e. suid mount? What else is
s/i\.e\./e.g./
> dangerous about suid root in general (apart from the bad code you
> shouldn't execute anyway)?
Suid scripts are considered more dangerous than suid binaries because,
historically, many scripts have been interpreted by /bin/sh (i.e. bad
code), and thus their meanings depend on the values of environment
variables such as IFS and PATH.
> And I don't think su is any better than sudo.
sudo has the advantage over su that, if you learn how to configure it
properly, you can allow certain users to run certain commands without
typing the root password.
Robert Ransom
This archive was generated by hypermail 2.2.0 : Fri Dec 24 2010 - 12:48:02 CET