On Tue, Jun 01, 2004 at 11:21:23PM -0400, James Damour wrote:
> My understanding of the position of Bob and Mike can be summed up as, "in
> general, shell script's can't be made to use setuid/setgid securely".
> Basically, the problem comes down that a user can manipulate their PATH to
> redefining basic commands that are used by the shell scripts (like "ls")
> in order to elevate their privileges.
It's not impossible, it's just tricky, and the technique you chose has
already been implemented (in sudo).