Posted by: Administrator
on December 13, 2005 04:42 AM
My point was that in this case safe-du allows finer-grained control. Consider this example (run as normal user):
$ safe-du<nobr> <wbr></nobr>/
vs.
$ sudo du<nobr> <wbr></nobr>/
The safe-du will abort because it will check if the user owns the root directory. The sudo will run because it doesn't check if the user owns the root directory.
I'm aware that you can specify the allowed arguments in sudo but in this case the possible arguments are too many - any directory or file is a valid argument to du.
So it's not exactly that safe-du is safer than 'sudo du', it's just in this case a better way of controlling usage.
Learn about Linux
Download Linux
Get Linux help
Re:Run bash setuid/setgid
Posted by: Administrator on December 13, 2005 04:42 AM$ safe-du<nobr> <wbr></nobr>/
vs.
$ sudo du<nobr> <wbr></nobr>/
The safe-du will abort because it will check if the user owns the root directory. The sudo will run because it doesn't check if the user owns the root directory.
I'm aware that you can specify the allowed arguments in sudo but in this case the possible arguments are too many - any directory or file is a valid argument to du.
So it's not exactly that safe-du is safer than 'sudo du', it's just in this case a better way of controlling usage.
#