list management

Emil Isberg emil.isberg at
Wed Dec 11 06:37:55 EST 2002

On Wed, 11 Dec 2002 mlh at wrote:
>Sudo is always an alternative to a setuid program.

Yes, sudo is an alternative to a setuid application, but not that good one
when it comes to noninteractive programs.

And I generally dislike scripts that are run from webpages...
Seldom I see proper security in those...
(There are many reasons behind that you can't do setuid scripts in modern
operating systems.)

If you follow a simple guideline like KISS (keep it simple, stupid) then
it is much easier to get proper security without lacking needed

I think sudo is great, ofcourse I do... And I use it for most things I can
think of...

A similar sudo configuration as that program would give:

prompt$ cat script1
#! /bin/sh

[ -z "$1" -o -z "$1" ] && echo 'Usage: script1 <alias> <target>' && exit

exec sudo /path/to/script2 "$1" "$2"
prompt$ cat script2
#! /bin/sh

[ -z "$1" -o -z "$1" ] && echo 'Usage: script2 <alias> <target>' && exit

echo "$1":	"$2" >> /path/to/aliasfile
prompt$ cat sudoconfig
nobody	ALL = (root) /path/to/script2

It's still simple... But it's three processes involved instead of one.
Or perhaps you could use just two processes (by skipping the first

Most times there is more than one solution to a given problem.
I suggested two solutions that didn't involve sudo... And now I've
supplied one that does involve sudo...

Your program is sick!  Shoot it and put it out of its memory.

More information about the sudo-users mailing list