Re: Apps that need SU



On Thu, 28 May 1998, Stephanos Piperoglou wrote:

> > > I have found that there are a number of apps that you really need to run as
> > > su. Logs things etc etc. It would be most excellent if apps such as this
> > > could prompt for passwd or some such and run as su when you need to run
> > > them.  I have to log in as root to run them because using xdm I can start
> > > them from a terminal.
> >
> > Possibly a better solution would be a password wrapper and sudo.
>
> sudo is the work of the devil. The proper way to do this is to have them
> setuid 0 (or more often setgid 0 - things like logs and disk devices should
> be accessible by group 0 - wheel or root, depending on which faction of that
> holy war you're in).

Eeek!  The "make it suid because we can't be bothered to set it up
properly" attitude is precisely what is beginning to put me off RedHat.
A good case-in-point:

RedHat 5.1 ships with a new version of xosview.  The default install
target in the Makefile seems to install it suid root, and it doesn't
drop those privs at any stage.  _One single grep_ was all that was
required to find the line

	strcpy(nbuf, getenv("HOME"));

(Variable names changed to protect the innocent) and a quick look at
the source file in question found

	char nbuf[1024];

on the preceding line.  Linux has /proc precisely so that things like
xosview don't need to be suid root.  And it doesn't -- the suid stuff
seems to be for FreeBSD.

Similarly, a log viewer shouldn't be made suid root.  Create a group
(it's called logadm on our systems) and add administrators to it.  If
you _insist_ upon an s?id bit, then make the logs owned by a logadm
user, not root.

Rant, rant, rant.

Matthew.


