From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 19:11:13 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7311716A41F for ; Thu, 21 Jul 2005 19:11:13 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id F0FF643D68 for ; Thu, 21 Jul 2005 19:11:12 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 2D75511A79; Thu, 21 Jul 2005 21:11:12 +0200 (CEST) Date: Thu, 21 Jul 2005 21:11:12 +0200 From: "Simon L. Nielsen" To: asym Message-ID: <20050721191111.GJ880@zaphod.nitro.dk> References: <42dfd7c8.619f0abe.46ed.ffffca84@mx.gmail.com> <6.2.1.2.2.20050721133118.038f7ac8@mail.rfnj.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="IbVRjBtIbJdbeK1C" Content-Disposition: inline In-Reply-To: <6.2.1.2.2.20050721133118.038f7ac8@mail.rfnj.org> User-Agent: Mutt/1.5.9i Cc: Stephen Major , freebsd-security@freebsd.org Subject: Re: FW: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 19:11:13 -0000 --IbVRjBtIbJdbeK1C Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.07.21 12:36:16 -0400, asym wrote: > Personally, I would like to see sudo not only in the base system, but in > the base system with a default configuration that mimics su(1) and thus > replaces it entirely. The only difference is which password you need to > provide. After a period for migration (or perhaps just in 6.x and noted = in > the release notes), su could become just a symlink to sudo. Personally I would object to that. I use sudo, so I have nothing against it (except it's default config), but the main reason the above suggestion with replacing sudo with su is a bad idea: [simon@zaphod:sudo-1.6.8p9] cat *.c | wc -l 16357 [simon@zaphod:sudo-1.6.8p9] wc -l /usr/src/usr.bin/su/*.c 572 /usr/src/usr.bin/su/su.c For systems that has use for sudo the increased complexity of a setuid root program can be accepted, but I see no reason to subjecting every other system to the same increased risk without any benefit. And for this argument, sudo's security record is also much more important (compared to just importing it where it can be disabled). In case people want to see what I'm talking about, go to http://www.vuxml.org/freebsd/pkg-sudo.html . (In case anyone should be in doubt; this mail is about su -> sudo, not the general idea of importing sudo, I have commented on that). --=20 Simon L. Nielsen --IbVRjBtIbJdbeK1C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC3/NPh9pcDSc1mlERAr7mAKCzxz0ou4dZOcmgpzHCvQQiyj0X8wCgq7k9 Rc5UP55+Ahq6j32+3gRjYzU= =sWbk -----END PGP SIGNATURE----- --IbVRjBtIbJdbeK1C--