[sudo-workers] Modifying sudo to not require setuid
Todd C. Miller
Todd.Miller at courtesan.com
Sat Nov 5 10:19:29 MDT 2016
I've considered this in the past but it's not something on my
roadmap. The daemon would always need to run the command in a new
pty (which is something sudo can already do). I'm not sure if
people would be willing to have a daemon just for sudo.
There are portability issues since not all systems have SO_PASSCRED
or an equivalent mechanism (getpeerucred, getpeereid).
There would also be changes required to the plugin interface for
this to work.
- todd
More information about the sudo-workers
mailing list