> Suid scripts are considered more dangerous than suid binaries because, > historically, many scripts have been interpreted by /bin/sh (i.e. bad > code), and thus their meanings depend on the values of environment > variables such as IFS and PATH.
So the kernel forces you to have your own executable which can first set your IFS and PATH. And each script would need it's own executable. Is sudo the logical step to combine them all? We should get rid of PATH. And I'd like to know how difficult it would be to replace the whole env system. Either that or I shall have some more plan9. > sudo has the advantage over su that, if you learn how to configure it > properly, you can allow certain users to run certain commands without > typing the root password. Yeah, typing the root password should be the last thing to try. Although all of this doesn't really matter in our example, because you can always do mount --bind fake /bin, right?
