On Thu, August 27, 2009 4:23 pm, Aryeh Gregor wrote:
But you're not going to get root access using shutdown or kill or /etc/init.d/apache.
I would not be too certain about that. For example, buffer overflows are generally only a security problem when they happen in suid-root programs - this is why programs designed to be suid root have thorough checks on such problems. Software designed to be used by root does not always have the same thoroughness of checks - and running such software via sudo could expose these errors as security problems.
-Merlijn