Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SUDO vs root account question

from [Joe Polk] Network Security [Permanent Link]
Subject: Re: SUDO vs root account question
Date: Wed, 23 Mar 2005 14:27:21 -0400 
Hi all,
I have two quick questions related to the 'sudo' command;
putting a certain user Mr.X with ALL=(ALL)ALL permissions in the
sudoers file, gives him COMPLETE root previleges? In other words, if 
I want that some people, for security reasons, stop using the root 
account/password for accessing the servers, by crating a sudo user 
with ALL previledges will decrease this risk? If this sudo account 
 is compromised, will the cracker have COMPLETE root previleges?



Think of SUDO and "DO" this as "SU."  If I hack a user account with full sudo
access, I can make myself root.

--
<<JAV>>
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Wireless Keyboard Security, Pedro Venda
Next by Date:  Re: SUDO vs root account question, Louis Lerman
Previous by Thread:  SUDO vs root account question, Tahis Vera
Next by Thread:  Re: SUDO vs root account question, Louis Lerman
Indexes:  [Date] [Thread] [Top] [All Lists]