Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.507 (Entity 5.507) RT-Send-CC: X-RT-Original-Encoding: iso-8859-1 Content-Length: 588 I can look into changing the code's behavior, but not on any specific time table. ksu isn't a terribly high priority component for the project. From your stated security motivation, it sounds like you are building a scripted or programmatic system on top of ksu to allow specific operations to be performed at an escalated privilege level. I don't think ksu makes a great building block. Without knowing the full parameters of the system I can't say what would make a better building block, but perhaps remctl ( https://www.eyrie.org/~eagle/software/remctl/ ) would be better.