From owner-freebsd-questions@FreeBSD.ORG Fri May 13 18:12:54 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 36EE6106566B for ; Fri, 13 May 2011 18:12:54 +0000 (UTC) (envelope-from inyaoo@gmail.com) Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by mx1.freebsd.org (Postfix) with ESMTP id 068988FC14 for ; Fri, 13 May 2011 18:12:53 +0000 (UTC) Received: by pzk27 with SMTP id 27so1673251pzk.13 for ; Fri, 13 May 2011 11:12:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version:content-type; bh=oVbSjNtwb/MxYNZBpckjx4p4tfOtAvBf7l6jZ4F3xyE=; b=vbJl+5QcinEFwnOgplh1SB+dVvMx33mQefpmpKl5JzYucWh67148tPKMQKY8uias04 7dXAerVztAjxqpxPGT5Gyk/DyLypb7IqOMqeiQdA7P/bDdEb9+cVA20tYYMNfy7KXTdX YFLvKSmwBbyOyxBxruKadvyQS4aofx25asUzE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version:content-type; b=C7+Pq1QyYLMklAKu5jvFat5RwSn4Oa7DIWnpSz+dair9qDr1ZOd6tvfHlIDW8A1mw3 SEOzekJnUnbIneuqcGDUAZpvrLAggOmmVRZ4Fv8/TG7RxMAfqP7lAMydpQzE4NI/xTT8 0S/fRBLcLziIhuKiG0UCYeKzcj8oW1NJFdX88= Received: by 10.68.47.34 with SMTP id a2mr2609705pbn.165.1305308885051; Fri, 13 May 2011 10:48:05 -0700 (PDT) Received: from localhost (tor-exit-router41-readme.formlessnetworking.net [199.48.147.41]) by mx.google.com with ESMTPS id f1sm1487557pbm.93.2011.05.13.10.48.02 (version=SSLv3 cipher=OTHER); Fri, 13 May 2011 10:48:04 -0700 (PDT) From: Pan Tsu To: Chris Telting References: <4DC9DE2C.6070605@telting.org> <201105121657.57647.j.mckeown@ru.ac.za> <4DCBFC39.8060900@telting.org> <201105130932.32144.j.mckeown@ru.ac.za> <4DCD02EF.7050808@telting.org> Date: Fri, 13 May 2011 21:47:58 +0400 In-Reply-To: <4DCD02EF.7050808@telting.org> (Chris Telting's message of "Fri, 13 May 2011 03:07:43 -0700") Message-ID: <86k4duh4q9.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain Cc: freebsd-questions@freebsd.org, krad Subject: Re: Established method to enable suid scripts? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 May 2011 18:12:54 -0000 Chris Telting writes: > On 05/13/2011 01:32, krad wrote: >> what i cant understand is the complete aversion to sudo. Could you >> shed any light on why you are trying to avoid a tried and tested >> method. > > That I freely admit is for no rational reason. It's just annoying. But ...a shebang can be written with sudo in mind, e.g. #! /usr/bin/env -S sudo sh id $ ./foo.sh uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) $ ls -l -rwxr-xr-x 1 luser luser 31 May 13 21:36 foo.sh > let me ask you.. is "sudo ping" acceptable? Please explain the logical > reason why not. It would be the preferred method if suid didn't exist > and sudo was part of the base system.