head	1.3;
access;
symbols
	RELEASE_8_3_0:1.3
	RELEASE_9_0_0:1.3
	RELEASE_7_4_0:1.3
	RELEASE_8_2_0:1.3
	RELEASE_6_EOL:1.3
	RELEASE_8_1_0:1.3
	RELEASE_7_3_0:1.3
	RELEASE_8_0_0:1.2
	RELEASE_7_2_0:1.2
	RELEASE_7_1_0:1.2
	RELEASE_6_4_0:1.2
	RELEASE_5_EOL:1.2
	RELEASE_7_0_0:1.2
	RELEASE_6_3_0:1.2
	PRE_XORG_7:1.2
	RELEASE_4_EOL:1.2
	RELEASE_6_2_0:1.2
	RELEASE_6_1_0:1.1.1.1
	RELEASE_5_5_0:1.1.1.1
	RELEASE_6_0_0:1.1.1.1
	RELEASE_5_4_0:1.1.1.1
	RELEASE_4_11_0:1.1.1.1
	RELEASE_5_3_0:1.1.1.1
	RELEASE_4_10_0:1.1.1.1
	RELEASE_5_2_1:1.1.1.1
	RELEASE_5_2_0:1.1.1.1
	RELEASE_4_9_0:1.1.1.1
	RELEASE_5_1_0:1.1.1.1
	RELEASE_4_8_0:1.1.1.1
	RELEASE_5_0_0:1.1.1.1
	RELEASE_4_7_0:1.1.1.1
	RELEASE_4_6_2:1.1.1.1
	RELEASE_4_6_1:1.1.1.1
	RELEASE_4_6_0:1.1.1.1
	RELEASE_5_0_DP1:1.1.1.1
	RELEASE_4_5_0:1.1.1.1
	RELEASE_4_4_0:1.1.1.1
	RELEASE_4_3_0:1.1.1.1
	RELEASE_4_2_0:1.1.1.1
	RELEASE_4_1_1:1.1.1.1
	RELEASE_4_1_0:1.1.1.1
	RELEASE_3_5_0:1.1.1.1
	RELEASE_4_0_0:1.1.1.1
	RELEASE_3_4_0:1.1.1.1
	RELEASE_3_3_0:1.1.1.1
	RELEASE_3_2_0:1.1.1.1
	super_3_11_9:1.1.1.1
	super_3_11_8:1.1.1.1
	RELEASE_3_1_0:1.1.1.1
	RELEASE_2_2_8:1.1.1.1
	super_3_11_6:1.1.1.1
	RELEASE_3_0_0:1.1.1.1
	RELEASE_2_2_7:1.1.1.1
	RELEASE_2_2_6:1.1.1.1
	RELEASE_2_2_5:1.1.1.1
	RELEASE_2_2_2:1.1.1.1
	super_3_9_7:1.1.1.1
	OBRIEN:1.1.1;
locks; strict;
comment	@# @;


1.3
date	2009.12.21.02.18.32;	author dougb;	state Exp;
branches;
next	1.2;

1.2
date	2006.07.24.12.12.42;	author jmelo;	state Exp;
branches;
next	1.1;

1.1
date	97.04.24.08.02.43;	author obrien;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	97.04.24.08.02.43;	author obrien;	state Exp;
branches;
next	;


desc
@@


1.3
log
@For ports maintained by ports@@FreeBSD.org, remove names and/or
e-mail addresses from the pkg-descr file that could reasonably
be mistaken for maintainer contact information in order to avoid
confusion on the part of users looking for support. As a pleasant
side effect this also avoids confusion and/or frustration for people
who are no longer maintaining those ports.
@
text
@Super is a setuid-root program that offers:

    o  restricted setuid-root access to executables, adjustable
	on a per-program and per-user basis;

    o  a relatively secure environment for scripts, so that well-written
	scripts can be run as root (or some other uid/gid), without
	unduly compromising security.

The design philosophy behind super is two-fold:

    (a) some users can be trusted when executing certain commands;
    (b) there are some commands, such as a script to mount CDROM's,
	which you'd like to be safely executable even by users who
	are NOT trusted.  Although setuid-root scripts are insecure,
	a good setuid-root wrapper around a sensible non-setuid script
	can be hard to break, and super provides that wrapper so that
	even a non-trusted user can use the scripts.

WWW:	http://www.ucolick.org/~will/#super
@


1.2
log
@- Update mastersite.
- Update pkg-descr.

PR:		ports/100715
Submitted by:	Babak Farrokhi <babak@@farrokhi.net> (maintainer)
@
text
@a20 1
AUTHOR:	Will Deich <will@@ucolick.org>
@


1.1
log
@Initial revision
@
text
@d1 1
a1 1
Super is a setuid-root program that offers
d10 1
a10 3
Sample uses:
    -  to call a script that allows users to use mount(8) on
	cdrom's or floppy disks, but not other devices.
a11 20
    -  to restrict which users, on which hosts, may execute a
	setuid-root program.

    -  to allow groups of trusted users (e.g. an "operator" group) complete
	root access to sets of selected commands such as, say, line-printer
	control commands, without giving away access to other commands,
	and with full logging of all commands used.


Super and sudo
--------------
Sudo --
    Sudo allows a permitted user to execute a command as the superuser.
    Its central design philosophy is that each user can be
    trusted when executing certain commands.  This is implemented
    by allowing each user to execute the restricted commands for
    which s/he is trusted, without giving access to other restricted commands.

Super --
    The design philosophy behind super is two-fold:
d20 2
a21 11
In the author's view, the main differences to the administrator are:

    (1) the files that specify valid user/command combinations have
	a different look and feel.

    (2) super provides a safe wrapper for scripts, so that a
	well-written script can be run safely by ordinary
	users without having to actually trust them.


-- David	(obrien@@FreeBSD.org)
@


1.1.1.1
log
@Super is a setuid-root program that offers

    o  restricted setuid-root access to executables, adjustable
        on a per-program and per-user basis;

    o  a relatively secure environment for scripts, so that well-written
        scripts can be run as root (or some other uid/gid), without
        unduly compromising security.

See pkg/DESCR for a comparson w/sudo.
@
text
@@
