why does redhat not make ksu setuid root?

[Elliot Lee]

>     Avery> Why would redhat make ksu (at least in the 7.2 distro)
>     Avery> _not_ setuid root?  kinda pointless for root to be the only
>     Avery> user who can ksu.

The "right" solution would probably be to have a PAM module that su uses
to check ~targetuser/.k5users, similar to the PAM module that does
~targetuser/.rhosts checking for rlogin/rsh.

Just in case someone is bored enough to write code ;-)
-- Elliot