Results 1 to 10 of 13

Thread: SUICIDAL "sudo" command ??

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

August 3rd, 2004, 07:52 AM #11
the_JinX

View Profile

View Forum Posts

Visit Homepage
Leftie Linux Lover

Join Date

Nov 2001

Location

Beverwijk Netherlands

Posts

2,534
As SirDice was kind enough to point out,

you shouldn't allow any kind of program that has more than one function, let alone a function to edit / open files as the root user to be used with sudo (in the /etc/sudoers)
That way noone will be able to edit the /etc/shadow, /etc/password or /etc/sudoers or even worse files . . .

The only file allowed to be "su-done" on my system is a shellscript that chroots the home of the user and then drops back to the lower rights user..

The only thing you have to be realy realy carefull about is not to allow to much !!!

ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
Reply With Quote

Quick Navigation Miscellaneous Security Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: SUICIDAL "sudo" command ??

Thread Tools

Display

Threaded View

Posting Permissions