running apps as root question

Gintautas gmlists at centras.lt
Fri Jul 4 12:40:57 PDT 2003


Hello,

> a very _easy_ way of allowing everyone to use programs that are normaly
> reserved for root is of course to "chmod u+s [app]", so that the
> processes run as root. 
> 
> My question: how much of a security whole does this create? Should I not
> do it?

I would consider it extremely risky under a multiuser system. However,
if it's your personal computer, you can do whatever you want :) Anyway,
I'd suggest sudo for such things -- it not only has some security, but
also logs all actions which might be useful if you break something by
accident.

> And particularly: any disadvantages if I use chmod u+s for 
>  - shutdown (yes, I want everyone to be able to shutdown)
>  - wvdial
>  - [in general]

No disadvantages, just security risks :)

In this case I personally create a group (or use an existing one, like
wheel), add myself (and all users concerned) to the group and then make
the new suid files executable only by members of that group.

-- 
 Gintautas
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-chat' in the subject header of the message



More information about the lfs-chat mailing list