[OpenAFS-devel] Nothing but the PAG

Derrick J Brashear shadow@dementia.org
Fri, 16 May 2003 11:30:08 -0400 (EDT)


On Fri, 16 May 2003, Jan Harkes wrote:

> > I like this, it also makes it trivial to add a module later on that can
> > get in there and do a setpag() if that is ever needed without having to
> > have that be in the patch.
>
> In reality, a pag is used to work around a bunch of solvable problems,
>
> - To make sure that an application that uses setuid doesn't lose it's
>   original credentials. Why not just remove the setuid calls.

su works poorly when it's not setuid.(*) i want to become root and keep
my authentication. i hate typing my password. just ask the pubkooky (er,
sorry, pubcookie) boosters.

-D

(* my SunOS 4 machine has a non-setuid su on it, not as /bin/su, but sadly
first in my path. I get sad regularly.)