Sudo from scripts

Gordon Messmer yinyang at eburg.com
Tue Nov 18 16:25:09 UTC 2008


Mikkel L. Ellertson wrote:
> Patrick O'Callaghan wrote:
>> In any case, the owner of the script is only security-relevant in two
>> cases: 1) if it allows someone to edit the script who normally couldn't,
>> or 2) if the script is setuid. Of course it could also change who can
>> *execute* the script, but if it's not setuid they'll be doing it as
>> themselves, not as the owner.
>>
> Does setuid work on scrips? I know it did not in the past, but I
> have not checked to see if that has changed.

No, it doesn't, and it never will.  Making "root" a script's owner is 
not a "security issue".




More information about the fedora-list mailing list