[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shellutils grave bug



On debian-devel, Julian Gilbey <J.D.Gilbey@qmw.ac.uk> wrote:
> I thought about that, but decided against it: su is a little too
> important IMHO to trust to the vagaries of shell scripts.  If
> something breaks with suidregister or whatever -- whoosh! no /bin/su.
> If a sysadmin wants something more secure or whatever, he should look
> into secure-su.

Also suidregister is for programs that a sysadmin may decied want to be
non-setuid at some point. Nobody wants a non-setuid su, that would be stupid. 

-- 
I consume, therefore I am

Attachment: pgp9w84ytoJwY.pgp
Description: PGP signature


Reply to: