Subject: Re: [ [Global InterSec 2002041701] Sudo Password Prompt Vulnerability.]
To: Oleg Polyanski <>
From: Rasputin <>
List: tech-security
Date: 04/26/2002 11:12:11
* Oleg Polyanski <> [020426 10:04]:

> (Greg A. Woods) writes:
> > A proper dedicated set-ID program that can't be mis-configured so
> > easily would be an almost infinitely better alternative than sudo.

>  Would you ever consider making the `umount(8)' program set-ID only
>  just to let somebody to unmount CD-ROM / floppy drive? 

That's not a dedicated program though is it?
A dedicated program would be a hardcoded version called
[u]mountcd  that only handled the cd drive; I can't see a problem with

Ok, admittedly I didn't look hard...