From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 20:07:14 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2065B16A420 for ; Thu, 21 Jul 2005 20:07:12 +0000 (GMT) (envelope-from listuser@seifried.org) Received: from mail.seifried.org (munky.seifried.org [216.234.161.168]) by mx1.FreeBSD.org (Postfix) with ESMTP id A7E1343E00 for ; Thu, 21 Jul 2005 20:06:00 +0000 (GMT) (envelope-from listuser@seifried.org) Received: by mail.seifried.org (Postfix, from userid 91) id C0ADDA44109; Thu, 21 Jul 2005 14:05:42 -0600 (MDT) Received: from 64DOG (firewall.seifried.org [68.149.198.252]) by mail.seifried.org (Postfix) with SMTP id 6BA60A44106 for ; Thu, 21 Jul 2005 14:05:41 -0600 (MDT) Message-ID: <008101c58e30$1066e3c0$1a64110a@64DOG> From: "Kurt Seifried" To: References: <42dfd7c8.619f0abe.46ed.ffffca84@mx.gmail.com> Date: Thu, 21 Jul 2005 14:09:13 -0600 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on munky.seifried.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=4.0 tests=none autolearn=failed version=3.0.4 Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Kurt Seifried List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 20:07:14 -0000 Uhh you people realize sudo is COMPLEMENTARY to su? All my Linux and OpenBSD systems (wait for it.....) have _both_ installed by default. Crazy huh? Some example commands: sudo ifconfig blah [enters own password] sudo su - [enters own password] sudo sendmail -q [enters own password] su - [enters root password] Whoa! what's #2? And what's #4? Holy cow! Folks, this is by far the stupidest argument/discussion I have ever seen on a security related mailing list (and I've been on BugTraq and Full-Disclosure for a long time so that's saying something). sudo is complementary to su, you can have both, and sudo has 0, repeat 0 (just to make sure) I repeat _0_ impact on su. It does not replace su. It does not change su's behavior. It does not break su. You can still use su as before, your script will work as expected (I promise). -Kurt Seifried