On Mon, Feb 01, 1999 at 11:41:09PM +0000, Julian Gilbey wrote: > An example of a package which already does almost exactly the same is > the secure-su package, which diverts the standard su to > /bin/su.orig/su or something like that, making /bin/su.orig mode 700, > so that noone except for root has access to the non-enhanced version > of su. This seems to be acceptable. Maybe there is some way for the > listar program to be setuid root, and the first thing it does is to
Several general rules apply here: * Never setuid unless you really have to. * If you setuid, never setuid to root unless you really, really, really have to. There are a number of security issues that become more and more important when you setuid to root, so I would not be in favor of doing such a thing.
