Date: Sat, 7 Oct 2000 22:51:32 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: Chris BeHanna <behanna@zbzoom.net> Cc: FreeBSD-Stable <stable@freebsd.org>, "David J. Kanter" <david.kanter@mindspring.com> Subject: Re: Security problem with "script"? Message-ID: <20001007225132.A29035@mithrandr.moria.org> In-Reply-To: <Pine.BSF.4.21.0010071640460.7433-100000@topperwein.dyndns.org>; from behanna@zbzoom.net on Sat, Oct 07, 2000 at 04:41:13PM -0400 References: <200010071807.MAA01420@harmony.village.org> <Pine.BSF.4.21.0010071640460.7433-100000@topperwein.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat 2000-10-07 (16:41), Chris BeHanna wrote: > > No. script forks a shell. sudo tells you to do that as root. It is > > merely complying. > > Er, wouldn't that give a user root access to do anything he or she > wanted? If you set up 'sudo' to let someone run 'script' as root, yes. It has nothing to do with 'script', it's the fact 'sudo' runs it as root. For it to do that, you need to set it up to do that. Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001007225132.A29035>