RE: Running files with elevated privileges: SUID or sudo?
Hi Abel
the two first solutions are equivalent: if there is un exploit, it will
inherit the UID 0 rights of the running process (ouch).
The third solution doesnt grant any rights to any process, so I think it is
the most convenient.
++
(and please avoid posting in HTML next time ;) )
-----Message d'origine-----
De : Abel Martín [mailto:abel.martin.ruiz@gmail.com]
Envoyé : mardi 3 octobre 2006 11:03
À : debian-security@lists.debian.org
Objet : Running files with elevated privileges: SUID or sudo?
Hi list.
I have to deploy wpasupplicant and wpagui debian packages on a large amount
of computers with special predefined config files. wpa_gui has to be
executed by unprivileged users. The problem is that wpa_gui needs to be run
with elevated privileges to read WPA settings from a socket opened by
wpa_supplicant. My question is, which approach do you find better: setting
on wpa_gui SUID bit or allowing regular users to run it via sudo without
password? Or do you think it is better creating a group, granting execution
on wpa_gui for this group and adding users to this group? In any case and
for the sake of time I would like to do this modifying the original packages
involved or creating a configuration meta-package.
Thanks!
Reply to: