> after all there *is* a safe way to start root-commands: super. This
> allows a list of users to execute commands with another user-id,
> e.g. root.

While I haven't looked into this (I didn't even know about its existance until
now),  this

1. can work only with known shells (for which it can work around known
   bugs/security holes, and I hope it does this properly).

2. doesn't need the help of the kernel (may not be true for the particular
   implementation, but can be made to work without kernel support for
   setuid shell scripts).

So it's still better to leave the support of setuid scripts turned off in
your kernel.

Ciao,
Wolfgang
--
ws@TooLs.DE     (Wolfgang Solfrank, TooLs GmbH) 	+49-228-985800