[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: If you care about debian's security read this



On Sun, Mar 03, 2002 at 02:03:05PM -0500, Joey Hess wrote:
> Gustavo Noronha Silva wrote:
> > kov     ALL = (root) NOPASSWD: /usr/sbin/chroot, /usr/sbin/pbuilder, /usr/lib/gnome-sudo/gnome-sudo-helper, PASSWD: /usr/bin/apt-get
> 
> My lord that's disgusting. Why not just start up X as root and run gnome
> as root if they want to emulate windows to such a degree.
> 
> I hope that the package does not add this line to the sudoers file for
> you?

No, it doesn't.

> Does its documentation ask you to put that line in including the
> braindead NOPASSWORD part?

Nope, it doesn't do that, either.

I think the operant lesson we can derive from this is:

"If you care about Debian's security, ignore Gustavo Moronha Silva."

-- 
G. Branden Robinson                |    The errors of great men are
Debian GNU/Linux                   |    venerable because they are more
branden@debian.org                 |    fruitful than the truths of little
http://people.debian.org/~branden/ |    men.         -- Friedrich Nietzsche

Attachment: pgp2An8EA_kuE.pgp
Description: PGP signature


Reply to: