Re: [dev] Remount rootfs sync on impending battery depletion.

[hiro]

Wow, I didn't even know that. So this is what made people invent the
even more insecure alternative sudo?

On 12/22/10, Ethan Grammatikidis  wrote:
>
> On 20 Dec 2010, at 6:56 pm, hiro wrote:
>
>> Ever heard of setuid root??
>
> I thought this was supposed to be a script? The Linux kernel prevents
> the SUID bit from taking effect on scripts "because SUID scripts are
> almost always security exploits." NOT my words, btw.
>
>

[dev] Remount rootfs sync on impending battery depletion.

[Connor Lane Smith]

Hey,

On Thursday, 23 December 2010, hiro <23h...@googlemail.com> wrote:
> Wow, I didn't even know that. So this is what made people invent the
> even more insecure alternative sudo?

Sudo, used correctly, is more secure than su or setuid. People just
need to know their tools, I guess. ;)

cls

Re: [dev] Remount rootfs sync on impending battery depletion.

[hiro]

I'm still not going away like that.

Why is a suid script more dangerous than i.e. suid mount? What else is
dangerous about suid root in general (apart from the bad code you
shouldn't execute anyway)?

And I don't think su is any better than sudo.