[ On Friday, April 26, 2002 at 13:25:40 (-0400), Ed Ravin wrote: ]
> Subject: That sudo that you do so well...
>
> One promising project is SUS, which according to the abstract is:
> 
>    [...] a system administration tool which allows a user to run
>    a command as root or as some other user after authenticating.
>    Unlike most other commands of that ilk, SUS attempts to treat
>    the command and its arguments as references to system objects,
>    and allows for relatively powerful matching on the attributes
>    of those objects to determine if the user should or should not
>    be allowed to execute the desired command. In addition, SUS has
>    a mode to help limit the number of setuid utilities needed to
>    provide user services via the web.

I remember reading that paper -- and thinking it was an interesting
solution to the wrong problem.

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>