Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SUDO vs root account question

from [Blaine Lefler] Network Security [Permanent Link]
Subject: Re: SUDO vs root account question
Date: Wed, 23 Mar 2005 18:49:43 -0700
Tahis
The situation that you described will allow root access. There is one other issue with sudo. Sudo will allow shell escapes. There is a whole section on the sudo page at http://www.gratisoft.us/sudo/ to help prevent this. I used to use sudo a lot at another company and it work well. Blaine


Tahis Vera wrote: 
Hi all,
I have two quick questions related to the 'sudo' command;
putting a certain user Mr.X with ALL=(ALL)ALL permissions in the
sudoers file, gives him COMPLETE root previleges? In other words, if I
want that some people, for security reasons, stop using the root
account/password for accessing the servers, by crating a sudo user
with ALL previledges will decrease this risk? If this sudo account  is
compromised, will the cracker have COMPLETE root previleges?

The other questions is how to set the time (in sudoers file) for the
user to work with sudo, without having to write the password (let's
say that I want to work for 20 minutes without having to write the
password again)

regards

Tahis




[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Wireless Keyboards, Sean
Next by Date:  Re: SUDO vs root account question, Teresa Hasheminejad
Previous by Thread:  Re: SUDO vs root account question, Teresa Hasheminejad
Next by Thread:  RFC: mechanisms for anonymizing distributed search, jcr13
Indexes:  [Date] [Thread] [Top] [All Lists]