Given a basic Linux (or *nix) system with a user bob. Assume that bob has sudo capability. There are two approaches (I'm not going to use exact syntax): 1. bob sh 2. bob All So, in the first case bob can: sudo sh -c "foo" and in the second bob can: sudo foo Why would the first approach represent a more secure mechanism? It is true that sh could be a wrapper or have sticky bits, etc. We'll assume these are not an issue. The point being why is running a program directly as root in this manner less secure than running the program through a shell as root? Example? Explanation? Thanks. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage@ssz.com jchoate@open-forge.org www.ssz.com www.open-forge.org --------------------------------------------------------------------