From owner-freebsd-stable Sat Oct 7 11: 7:45 2000 Delivered-To: freebsd-stable@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 8B0CD37B502 for ; Sat, 7 Oct 2000 11:07:41 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e97I7dd00965; Sat, 7 Oct 2000 12:07:40 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA01420; Sat, 7 Oct 2000 12:07:39 -0600 (MDT) Message-Id: <200010071807.MAA01420@harmony.village.org> To: "David J. Kanter" Subject: Re: Security problem with "script"? Cc: FreeBSD stable In-reply-to: Your message of "Sat, 07 Oct 2000 03:14:16 CDT." <20001007031416.A1389@freebsd.mindspring.com> References: <20001007031416.A1389@freebsd.mindspring.com> Date: Sat, 07 Oct 2000 12:07:39 -0600 From: Warner Losh Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001007031416.A1389@freebsd.mindspring.com> "David J. Kanter" writes: : I don't know if this is an issue or not, but using the script program with : sudo seems to switch the sudoer's id to root. : : Here's an example: : : david@/usr/src % whoami : david : david@/usr/src % sudo script /usr/tmp/buildworld : Script started, output file is /usr/tmp/buildworld : root@/usr/src % whoami : root : root@/usr/src % : : Is this a security problem? No. script forks a shell. sudo tells you to do that as root. It is merely complying. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message