[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]









 "http://www.w3.org/TR/html4/loose.dtd">

<li>date: Wed May 18 21:44:48 2005</li>
<li>from: fd0man at gmail.com (Michael B. Trausch)</li>
<li>in-reply-to: <[email protected]></li>
<li>references: <[email protected]> <<a href="msg00623.html">[email protected]</a>> <[email protected]> <<a href="msg00629.html">[email protected]</a>> <[email protected]></li>
<li>subject: [ale] Sudo</li>

Okay... I'll take this in little baby steps for you:

&gt; &gt; Several times in the (still going)
&gt; &gt; setuid/viral/malware/root/non-root/etc discussion people have mentioned
&gt; &gt; using sudo.  One of the things I've always disliked about sudo is the
&gt; &gt; need for me to have to preface some commands I want to run as su vs
&gt; &gt; which I don't.  What I mean is as a user if I want to run &quot;ifconfig eth
&gt; &gt; mtu 1149&quot;, I need to acually run &quot;sudo ifconfig eth0 mtu 1149&quot;, but if I
&gt; &gt; want to just see what the MTU is for interface eth0 I don't need sudo.
&gt; &gt; What I think would be neat is for bash (or other shells) to remember
&gt; &gt; sudo commands that users run and to automatically invoke sudo the next
&gt; &gt; time I run the command without it.  Knowing when to use sudo is not the
&gt; &gt; issue here, having sudo know when it is needed is.

The issue that you're talking about is that you want bash - or another
shell - to remember that you used sudo when you executed a command.  So,
instead of:

	$ ifconfig eth0 192.168.0.100 [...]

It would be:

	$ sudo ifconfig eth0 192.168.0.100 [...]

How *smart* do you think this could *possibly* be?  There's a reason
that you have to explicity specify that you want root privilege.  Are
you truly that lazy?

In addition, giving sudo the intelligence to look at a command line and
go, &quot;Oooh, I'm needed to make this command succeed,&quot; is also playing
with fire.  At worst, you're talking about implementing it with a hash
table, and perhaps learning from repeated execution.  However, this
flies in the face of everything that has anything to do with the Unix
philosophy.

Want that functionality in sudo?  Fork it and create a new program with
a different name so that people who would think it is evil and
unwarranted (which it is) can not be tricked into using it and
consequently grepping the source to remove that &quot;functionality&quot;.

	- Mike

-- 
Michael B. Trausch                               &lt;fd0man at gmail.com&gt;
Website: <a  rel="nofollow" href="http://fd0man.chadeux.net/";>http://fd0man.chadeux.net/</a>     Jabber: mtrausch at jabber.com
Phone: +1-(678)-522-7934              FAX (US Only): 1-866-806-4647
===================================================================
Do you have PGP or GPG?  Key at pgp.mit.edu, Please Encrypt E-Mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature



</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00642" href="msg00642.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00607" href="msg00607.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
<li><strong><a name="00623" href="msg00623.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> fd0man at gmail.com (Michael B. Trausch)</li></ul></li>
<li><strong><a name="00628" href="msg00628.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
<li><strong><a name="00629" href="msg00629.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> fd0man at gmail.com (Michael B. Trausch)</li></ul></li>
<li><strong><a name="00632" href="msg00632.html">[ale] Sudo</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00637.html">[ale] Sunday 05-22-05 6PM RUN-AS-ROOT CHALLENGE</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00639.html">[ale] Sunday 05-22-05 6PM RUN-AS-ROOT CHALLENGE</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00632.html">[ale] Sudo</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00642.html">[ale] Sudo</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00638"><strong>Date</strong></a></li>
<li><a href="threads.html#00638"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>

Prev by Date: [no subject]
Next by Date: [no subject]
Previous by thread: [no subject]
Next by thread: [no subject]
Index(es):
- Date
- Thread