From owner-freebsd-bugs Sun Jul 8 16:20: 7 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 91CB537B401 for ; Sun, 8 Jul 2001 16:20:04 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.3/8.11.3) id f68NK4o13721; Sun, 8 Jul 2001 16:20:04 -0700 (PDT) (envelope-from gnats) Date: Sun, 8 Jul 2001 16:20:04 -0700 (PDT) Message-Id: <200107082320.f68NK4o13721@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Kris Kennaway Subject: Re: bin/28333: rtprio/idprio setuid problems Reply-To: Kris Kennaway Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR bin/28333; it has been noted by GNATS. From: Kris Kennaway To: Brad Huntting Cc: Kris Kennaway , FreeBSD-gnats-submit@freebsd.org Subject: Re: bin/28333: rtprio/idprio setuid problems Date: Sun, 8 Jul 2001 16:17:35 -0700 --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jul 08, 2001 at 05:06:29PM -0600, Brad Huntting wrote: > > No, the UNIX way is to use something a tool like sudo (in the ports > > collection) which lets the admin manage which users get to execute > > which commands with privilege. Adding uid-management code to all > > sorts of non-privileged binaries just in case someone misguidedly > > makes it setuid is the wrong solution. >=20 > Granted, for programs like renice, chown, etc, sudo is ideal. But > chroot, {id,rt}prio, and nice are different because, not only do > they perform a prevledged operation, they exec() a new program > afterward. >=20 > A sudo like wrapper for these would need to grok the command line > semantics of each utilities to be a viable alternative. Even then, > it would be a security risk, unless it provided some mechanism to > insure that the command line semantics of nice (et al) stay in sync > with this sudo-like program. And once you've gone to all that > trouble you might has well just make a special setuid version of > nice (et al) that does uid management and is runable by ordinary > users. Once you've done that, you might as well call it "nice" > (etc), because everyone already understands how "nice" works. >=20 > Or did you have some other idea for a sudo like tool. Have you positively determined that sudo or another such existing tool can't be used to do what you want? Kris --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7SOntWry0BWjoQKURAsXgAKDj87FSsARhOlx6MOgqNzByoxxHMgCfcvLN 0t3ukdVdm8IGa7Xc/1m2UMM= =4Am4 -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message