> | The correct answer would've been, rebuild perl with setuid. > > No. The correct answer is to stay the hell away from setuid, > and use sudo which allows fine grained control.
Red Hat provides a setuid perl in the perl-setuid package. SetUID perl includes its own restrictions and security precautions. I would argue that neither sudo nor setuid-perl is safer than or better than the other. Both carry substantial security risks, and mechanisms to manage those risks. There are almost always better ways of doing things, including using libcap, jails, and all sorts of other stuff. thornton -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
