[UFO Chicago] sudo exploit

Nick Moffitt nick@zork.net
Wed, 18 Jul 2001 13:49:33 -0700

begin  Nate Riffe quotation:
> > > This is why I prefer an actual root shell over a setuid binary.
> > 	So you remove the setuid bit from /bin/su as well?
> No.  I try to keep as few as possible installed.  sudo is one less.

	Wise move.  However, I find that the logging ability of sudo
makes it much safer to have multiple users with superuser access, and
removes the need to make many other binaries suid.

	It's a tradeoff.

You are not entitled to your opinions.
	01234567 <- The amazing* indent-o-meter! 
        ^	    (*: Indent-o-meter may not actually amaze.)