Many people consider the use of the suid bit to be a real security risk, particularly for large programs. I would never advise setting it unless there is absolutely no other ( convenient ) way of starting a program with root privs. Fortunately there is. You can set yourself as a sudoer for any particular program file in the /etc/sudoers file and you can choose whether or not you want to have that program protected by a password.
man 5 sudoers ( You'll have to bone up on BNF before attempting to decrypt the jargon ) ps & btw, Do as I say, not necessarily as I do. :-) ( and no, I'm not going to discuss in a pubclic forum how I have taken what I believe to be a relatively small risk for the sake of a great convenience ) On 4/4/08, Steve Holdoway <[EMAIL PROTECTED]> wrote: > Ah, I see. You've set both the setuid and sticky bit on the script following > on from Ben's post. > > The sticky bit will ensure that the executable is help in swap after the > program ends, leading ( in long, long ago days ) to a faster startup next > time. I don't think that's relevant any more. > > I'm also surprised that a shellscript will run with a setuid root bit set. > Is/was considered a security risk... > > Glad it's sorted, > > Steve > > > On Fri, 04 Apr 2008 11:24:48 +1300 > Roger Searle <[EMAIL PROTECTED]> wrote: > > > Hi Steve, I think I haven't been clear enough about the issue. The > > server component is starting up fine, as are the virtual machines that I > > have starting automatically. What I am trying to do is get the console > > going, and just as the logged on user rather than having to invoke sudo > > and provide the password. Hope this makes it clearer? > > > > Cheers, > > Roger > > > > Steve Holdoway wrote: > > > sudo /etc/init.d/vmware start > > > > > > should do the trick. > > > > > > On Fri, 04 Apr 2008 09:02:44 +1300 > > > Roger Searle <[EMAIL PROTECTED]> wrote: > > > > > > > > >> Good morning. I took the bait of the minor upgrade available from > > >> VMWare Server to go up a massive 0.01 to 1.05, downloading their tar > > >> file and running the install script. The installation went fine and > VMs > > >> run and behave as usual. However I am no longer able to use a KDE menu > > >> or Autostart entry to launch the application, the only method I have > > >> found so far is to launch manually via command line thus: > > >> > > >> [EMAIL PROTECTED]:~$ sudo /usr/bin/vmware -l > > >> [sudo] password for roger: > > >> > > >> which is a pain and obviously not good practice. Without sudo I get > > >> permission denied which seems to be contrary to my understanding of the > > >> permissions in that I have execute rights: > > >> > > >> [EMAIL PROTECTED]:~$ sudo ls -al /usr/bin | grep vmware > > >> -r-xr-xr-x 1 root root 4570 2008-04-02 11:45 vmware > > >> > > >> Yes, yes, I know, use Adept - and I'm really bad. It's only offering > > >> 1.04, sure I could remove 1.05 and go back a release but it's the > > >> learning for me. How can I create a desktop icon command that doesn't > > >> require the use of sudo? I know the "right click the desktop, create > > >> new, link to application" bit, and /usr/bin/vmware as the application > > >> command doesn't do it. > > >> > > >> Thanks for any pointers! > > >> Roger > > >> > > >> > > >> > > >> > > >> > -- Sincerely etc. Christopher Sawtell
