Subject: Re: That sudo that you do so well...
To: Ed Ravin <eravin@panix.com>
From: Greg A. Woods <woods@weird.com>
List: tech-security
Date: 04/26/2002 22:31:53
[ On Friday, April 26, 2002 at 13:25:40 (-0400), Ed Ravin wrote: ]
> Subject: That sudo that you do so well...
>
> One promising project is SUS, which according to the abstract is:
>
> [...] a system administration tool which allows a user to run
> a command as root or as some other user after authenticating.
> Unlike most other commands of that ilk, SUS attempts to treat
> the command and its arguments as references to system objects,
> and allows for relatively powerful matching on the attributes
> of those objects to determine if the user should or should not
> be allowed to execute the desired command. In addition, SUS has
> a mode to help limit the number of setuid utilities needed to
> provide user services via the web.
I remember reading that paper -- and thinking it was an interesting
solution to the wrong problem.
--
Greg A. Woods
+1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>