1 Aug
2019
1 Aug
'19
11:23 p.m.
On Thu, 1 Aug 2019, Doug McIlroy wrote:
A common failing of Unix administration was a
proliferation of suid-root
programs, e.g. mail(1). I recall one system that had a hundred such
programs. Sudo provided a way station between suid and ACLs.
I've always maintained that if you think you need setuid root (which is a
gaping chest wound), you can invariably get away with setgid instead.
ObTrivia: Back in the 80s, some third-party software needed to be
installed under "root". I was suspicious, but I had little choice but to
allow it (manager's orders; that company went under shortly after I left
them). Eventually I discovered why, when I had to clean up the mess: it
actually *unlinked* directories; yes, you read that right...
-- Dave