Path: utzoo!utgpu!cs.utexas.edu!uunet!uunet.uu.net
From: kyle@uunet.uu.net (Kyle Jones)
Newsgroups: alt.sources.d
Subject: Re: sux, an enhancer for su
Message-ID: <130394@uunet.UU.NET>
Date: 25 Apr 91 17:31:26 GMT
References: <130392@uunet.UU.NET>
	<1991Apr25.142159.6826@convex.com>
	<462@frcs.UUCP>
	<7WYA.A2@xds13.ferranti.com>
Sender: kyle@uunet.UU.NET
Lines: 12

Tom Christiansen writes:
 > And this is a feature???  If there are users who can become root
 > without a password, then it's MUCH easier to subvert the
 > system.

I think we're talking around each other.  Most people understand
the decrease in security.  What you gain is ease of use and
safety.  Using a root shell is like using a table saw without the
guard plate.  Make it easy for people to become root when they
need to, and they're less likely to run as root when they don't
need to.  This is what the command is supposed to offer.  As for
the consequences, well, there are always tradeoffs.