On Tue, Feb 27, 2007 at 04:17:10AM +0100, Curt Manucredo wrote: > i could never imagine that it is possible to call a command and then > have root rights for it, without authentificating on the system with a > password. so i thought a daemon running as root might solve that problem > (which i thought it does exist) ;-). but since today i can not imagine > how sudo is doing that - it might be very difficult to explain since i > couldn't find an explantion on the net. > so, how is sudo doing this auth-job, even with no > password-verification. how does sudo treat the system? > has anyone an answer to that so i can understand it?
[EMAIL PROTECTED]:~$ ls -l `which sudo` -rwsr-xr-x 2 root root 91700 2006-04-15 07:39 /usr/bin/sudo That 's' permission in the user execution bit position means the program runs set-UID under the file owner's account (in this case, root). To run things as users other than root, the program calls setuid(2) or similar to drop its root privs (review the source to see if they roll their own). Honestly, all of your questions and misconceptions about sudo(1), how it works/what it does, would be far more easily answered by reading the manual, rather than asking debian-mentors subscribers to read it to you. See also the sudo webpage: http://www.sudo.ws/ -- { IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657); SMTP([EMAIL PROTECTED]); IRC([EMAIL PROTECTED]); ICQ(114362511); AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER([EMAIL PROTECTED]); MUD([EMAIL PROTECTED]:6669); WWW(http://fungi.yuggoth.org/); } -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
