On Mon, Dec 02, 2002 at 06:31:56AM +0000, Pigeon wrote: > On Sun, Dec 01, 2002 at 09:49:52PM +0000, Clive Standbridge wrote: > > I have not heard that sudo is inherently insecure in any specific way > > (but I'm not a long time sudo user). > > I think it's a complexity issue. The sudo binary is about ten times > the size of that of my one-line C program, and has far, far greater > complexity, as well as allowing the user to, in principle, run _any_ > command as root. So it must offer many more points of attack. If I was > to start writing more complex setuid-root programs to do a greater > variety of things than just run one very specific command, it wouldn't > take very long before the situation reversed. The complexity issue is balanced by the fact that lots and lots of people have looked at the source of sudo, and actively found holes in it. The point at which this becomes advantageous will vary depending on circumstance, of course. -rob
Attachment:
pgpmYFnmKufrs.pgp
Description: PGP signature