su, su -, sudo _and runuser_
James Wilkinson
fedora at aprilcottage.co.uk
Tue Aug 29 12:14:40 UTC 2006
Rainer Traut wrote:
> I think a better question is what is 'runuser' for?
> It has less options than su but does the same thing?!
runuser is a "trimmed down version of su" (according to the manpage).
Whereas su will allow you to get more permissions, runuser is a
lightweight version for root to disclaim root privileges, and run a
command with the permissions of a less-privileged user.
It seems to be used mostly in start-up scripts: you don't want your Web
server running as root in case someone finds a vulnerability. If the
server is merely running as apache, then an attacker would have to find
another vulnerability to become root.
Hope this helps,
James.
--
E-mail: james@ | "We completely deny the allegations, and we're trying to
aprilcottage.co.uk | identify the alligators."
More information about the fedora-list
mailing list