At Fri, 18 May 2012 00:33:28 -0400 (EDT), Mouse
<mouse%Rodents-Montreal.ORG@localhost> wrote:
Subject: Re: Problems with packages on a netbsd-6 sparc
>
> Greg A. Woods wroge:
> >
> > or maybe sudo should just be thrown in the trash and left there
> > :-)
>
> That's what I would do with it. I once looked at setting up sudo for
> one of my paid jobs. Here's the report I wrote for the person who
> asked me to set it up
Couple all that with the fact there have been at least 18 serious
security bugs in sudo itself (never mind with how naive people can
trivially configure it to be a barn without any doors).....
The very concept of it is extremely flawed IMNSHO. It's a silly hack
created by someone who didn't properly understand the Unix security
model and since then it's been hacked on to add even more anti-security
features than one could ever imagine.
Of course even without it there are far too few people who fully
understand the true implications of just being allowed to run "su".
--
Greg A. Woods
Planix, Inc.
<woods%planix.com@localhost> +1 250 762-7675 http://www.planix.com/
Attachment:
pgpIzZLiGfbog.pgp
Description: PGP signature