Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!sunybcs!kitty!larry
From: larry@kitty.UUCP
Newsgroups: comp.sys.att
Subject: Re: slide - a command to make you root
Message-ID: <2246@kitty.UUCP>
Date: Thu, 19-Nov-87 11:55:47 EST
Article-I.D.: kitty.2246
Posted: Thu Nov 19 11:55:47 1987
Date-Received: Sat, 21-Nov-87 14:44:56 EST
References: <223@althea.UUCP> <382@picuxa.UUCP>
Organization: Recognition Research Corp., Clarence, NY
Lines: 29
Keywords: handy, time-saving
Summary: An alternative - ``sudo''

In article <382@picuxa.UUCP>, tgr@picuxa.UUCP (Dr. Emilio Lizardo) writes:
> In defense of slide -- I have an AT&T 3B2/300 which I use for some
> development and testing.  I have "normal" logins which I use in
> the testing, and occasionally I need to become superuser to fix
> something.  If slide means I don't have to key in the password, fine.
> ... 

	There is an alternative to slide that was developed by the folks at
State University of NY at Buffalo (sunybcs) called ``sudo''.  This program
runs on the UNIX-PC, 3B2's, NCR Towers, XENIX, and every System V version
that I have laid my hands on.
	Sudo reads a protected file containing a list of permitted users
AND the nature of commands which they are permitted to execute as superuser.
This file can permit a user to execute all commands as superuser, or just
particular designated commands.  This is ideal for conveying "limited
authority" - which is obviously not possible with regular su(1).
	All commands executed by sudo are logged to a log file, and all
failures or unauthorized sudo attempts are logged to a fail.log file.
	I have uncovered no security problems with sudo in almost 3 years
of use on a number of systems beyond the obvious of allowing a permitted
user to be logged into an unattended terminal.
	The source to sudo was posted to unix-pc.sources a year or so ago,
and may have been posted to comp.sources.  Perhaps the kind folks at sunybcs
will submit the source again if there was no submission to comp.sources.

<>  Larry Lippman @ Recognition Research Corp., Clarence, New York
<>  UUCP:  {allegra|ames|boulder|decvax|rutgers|watmath}!sunybcs!kitty!larry
<>  VOICE: 716/688-1231        {hplabs|ihnp4|mtune|utzoo|uunet}!/
<>  FAX:   716/741-9635 {G1,G2,G3 modes}   "Have you hugged your cat today?"