Re: debian-user-digest Digest V2009 #643

To: debian-user@lists.debian.org
Subject: Re: debian-user-digest Digest V2009 #643
From: Matus UHLAR - fantomas <uhlar@fantomas.sk>
Date: Sun, 10 May 2009 18:30:01 +0200
Message-id: <[🔎] 20090510163001.GA16121@fantomas.sk>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <20090425191711.GE6530@think.homelan>
References: <20090408125713.8E6572D0CCB@liszt.debian.org> <7acfd4d10904080634w61219888n7f4856637d6bd0a4@mail.gmail.com> <20090412230514.63a444a6@debian> <20090423075205.GA6560@fantomas.sk> <20090425191711.GE6530@think.homelan>

> On Thu,23.Apr.09, 09:52:05, Matus UHLAR - fantomas wrote:
> 
> > I guess it's because "sudo su" does not require root's password, but
> > users'. However this can have significant ipmact on system's security.

On 25.04.09 22:17, Andrei Popescu wrote:
> More than 'sudo'? BTW, there is also a '-i' option to sudo.

allowing "sudo su" is more dangerous than allowing most of commands
(not those that allow executing of subshell...)

It means that user can do anything with just his/her password, not needing
the root's.
-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Enter any 12-digit prime number to continue.

Reply to:

Prev by Date: Re: Rotating logs (and keeping the log's tail)
Next by Date: Re: not an 8139C+ compatible chip, Try the "8139too" driver instead
Previous by thread: Re: [vbox-users] Cannot build ko on patched kernel (resend)
Next by thread: Re: not an 8139C+ compatible chip, Try the "8139too" driver instead
Index(es):
- Date
- Thread