Re: How do I allow users to run a single command as root?

To: debian-user@lists.debian.org
Subject: Re: How do I allow users to run a single command as root?
From: Rob Browning <osiris@cs.utexas.edu>
Date: 16 Aug 1996 10:25:05 -0500
Message-id: <[🔎] 87g25n73n2.fsf@raven.ots.utexas.edu>
In-reply-to: Casper BodenCummins's message of Fri, 16 Aug 1996 13:59:48 +0100
References: <[🔎] c=GB%a=_%p=Sherwood_Compute%l=QUEDGELEY2-960816125948Z-568@romford2.sherwood.co.uk>

Casper BodenCummins <bodec@Sherwood.co.uk> writes:

> What you need here is to set the setuid bit. Run this command as root:
> 
>    chmod +s filename

Not to be nasty, but this is generally a *REALLY BAD IDEA* unless you
know *exactly* what you are doing.  If "filename" was not designed with
extremely careful attention to the fact that it's going to be run suid
root, you can be opening up your system to all kinds of security
attacks, or accidental disasters by enabling suid root.

I'm talking about attention to things like explicitly setting the
PATH, checking and setting IFS, etc.  If it's a perl script, using the
"taint" checks helps, but you have to know enough perl to be able to
fix the problems it reports.

Don't do this.  Use sudo, super, or some equivalent.

[end preach mode]

--
Rob

Reply to:

References:
- RE: How do I allow users to run a single command as root?
  - From: Casper BodenCummins <bodec@Sherwood.co.uk>

Prev by Date: RE: cdplay & sound.o autoloading
Next by Date: [Fwd: Virus Alert]
Previous by thread: RE: How do I allow users to run a single command as root?
Next by thread: RE: How do I allow users to run a single command as root?
Index(es):
- Date
- Thread