Path: utzoo!utgpu!cs.utexas.edu!usc!apple!well!dhawk
From: dhawk@well.sf.ca.us (David Hawkins)
Newsgroups: alt.sources.d
Subject: Re: sux, an enhancer for su
Message-ID: <24446@well.sf.ca.us>
Date: 26 Apr 91 05:29:12 GMT
References: <130392@uunet.UU.NET> 	<1991Apr25.142159.6826@convex.com> 	<462@frcs.UUCP> 	<7WYA.A2@xds13.ferranti.com> <130394@uunet.UU.NET>
Lines: 24

kyle@uunet.uu.net (Kyle Jones) writes:

>Make it easy for people to become root when they
>need to, and they're less likely to run as root when they don't
>need to.  This is what the command is supposed to offer.  As for
>the consequences, well, there are always tradeoffs.

Make a copy of /bin/sh or /bin/csh  (or whatever shell you like),
and make it suid root and group executable only by group wheel or
group root (depending on your system) 

-rws--x---  1 root     root        26288 Oct 21  1989 /rootsh

Easy enough.

NOTE: I would not do this, of course and do *not* recommend it, but
it's about as secure as your /etc/group file and the passwords of the
folks in group root or group wheel

later, david
--
David Hawkins - dhawk@well.sf.ca.us - {apple,pacbell,hplabs,ucbvax}!well!dhawk 
There are two insults no human being will endure: that he has no sense of 
humor, and that he has never known trouble.  -- Sinclair Lewis, "Main Street"