Subject: Re: [lists@globalintersec.com: [Global InterSec 2002041701] Sudo
To: Jeremy C. Reed <reed@reedmedia.net>
From: Greg A. Woods <woods@weird.com>
List: tech-security
Date: 04/25/2002 21:29:43
[ On Thursday, April 25, 2002 at 17:46:31 (-0700), Jeremy C. Reed wrote: ]
> Subject: Re: [lists@globalintersec.com: [Global InterSec 2002041701] Sudo Password Prompt Vulnerability.]
>
> What are some safer and easier alternatives for this?

A proper dedicated set-ID program that can't be mis-configured so
easily would be an almost infinitely better alternative than sudo.

Perhaps it wouldn't even have to be set-ID-root if what it does can be
delegated to a special user.

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>