On Fri, Jul 22, 2005 at 12:28:41AM -0400, asym wrote: > At 23:07 7/21/2005, markzero wrote: > >On Thu, Jul 21, 2005 at 10:23:56PM -0400, ender wrote: > >> Stephen Major wrote: > >> > >> If sudo offered the opportunity for more features, but by default > >> behaved exactly the same way as su, I would see no disadvantages to > >> replacing su with sudo. Am i missing something? > > > >What happens if you maintain systems that don't need sudo? > > You don't use the additional features. That was a hard one. Next?
Don't patronise me. This is supposed to be a mailing list discussing
security, not a childish pissing contest.
It is a valid concern when a tiny, well tested SUID binary is to be
replaced with one almost seven times its size:
$ wc -l /usr/src/usr.bin/su/su.c
572 /usr/src/usr.bin/su/su.c
By comparison:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/sudo/
$ du -h `which sudo`
98K /usr/local/bin/sudo
$ du -h `which su`
14K /usr/bin/su
I am not opposed to having sudo in the base system, I am however opposed
to it replacing su. I use sudo on about a third of my systems, on those
that I don't, I would no longer have the option to remove it unless I
wanted a crippled, su-less system. If sudo does not replace su, those
that don't use it can remove it. Those that use it - good, less work for
them. Everybody is happy.
M
--
pgp: http://www.darklogik.org/pub/pgp/pgp.txt
B776 43DC 8A5D EAF9 2126 9A67 A7DA 390F DEFF 9dD1
pgpSvPxIBX3HG.pgp
Description: PGP signature
