-
August 2nd, 2004, 02:34 PM
#1
Junior Member
SUICIDAL "sudo" command ??
Hi All,
This is my very first post to Forum, infact to AO.
I wanted to know the significance/relevance of the putting "sudo" command that is usually there is most Unix, Linux System. If this command is an ALTERNATIVE-TO-ROOT. Then isn't this SUICIDAL. Does this make a log if yes then in which file.
To put some pretext for the Query lemme say...
I tried this command to alter permission of so-called READONLY "passwd" file, as an ordinary user & I succeeded. Successively I was able to add one user having rOOt PoweRs (Don't ask me how?) whichout even root to letting it know . Now the Question is How could I change "passwd" [ or "shadow" file, as I did ]. Is there any "sudo" log that would have an entry of this.
ThanX in adVANce
-
August 2nd, 2004, 02:37 PM
#2
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 2nd, 2004, 02:38 PM
#3
To allow a user to use sudo to get teh 1337 r00t powerz you need to add the user to the /etc/sudoers file
also you can specify which commands the user can execute (even which variables he is allowed to use with the command)
try man sudo or even better this page: http://www.courtesan.com/sudo/intro.html
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
August 2nd, 2004, 02:39 PM
#4
Junior Member
Thx SirDice ..But the system I'm working on [ MPRAS-UNIX] has no manual Entry on this.
;-(.
-
August 2nd, 2004, 02:44 PM
#5
See the link The_Jinx posted, you can also find the man pages there.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 2nd, 2004, 02:46 PM
#6
Junior Member
Thx the_JinX for the Link. It really has substancial Info.
-
August 2nd, 2004, 02:53 PM
#7
NoProblem
Yup..
I went there while I was writing my lame tutorial on "chroot shells"..
That needed sudo and I allways shunned sudo out of a (unneeded) fear of the command..
Historicaly sudo has been abbused a lot by exploits and the likes..
But current versions are safe to use(tm)
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
August 2nd, 2004, 02:59 PM
#8
Yep, sudo is relatively safe. You just need to watch what kind of commands you're enabling...
There is no easy way to prevent a user from gaining a root shell if that user is allowed to run arbitrary commands via sudo. Also, many programs (such as editors) allow the user to run commands via shell escapes, thus avoiding sudo's checks.
Source man sudo.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 2nd, 2004, 03:31 PM
#9
Junior Member
thx again !! the_JinX, SirDice.
Right Now my head is in the sudo-link...dupppp..
Hey..one sec.. another Doubt.
Assume if I could change "passwd" file for myself to be root. Then I CAN do anything with "/etc/sudoers" file & also I can remove entries from it's log files.
Isn't that a hole. If not then what's the patch.
Thx again in advancE.
-
August 2nd, 2004, 03:57 PM
#10
Junior Member
Hello EveryOne, I'd the same doubt. Any Suggestions ???
[gloworange]NeOnD[/gloworange][glowpurple]...007[/glowpurple]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|