Re: If you care about debian's security read this
On Sun, Mar 03, 2002 at 09:42:10PM -0300, Gustavo Noronha Silva <kov@debian.org> was heard to say:
> kov ALL = (root) NOPASSWD: /usr/sbin/chroot, /usr/sbin/pbuilder,
> PASSWD: /usr/bin/apt-get
I should point out that you have as much of a security hole here:
anyone on your account can get unrestricted root on your computer without
a password. (there are various machinations, but simply "sudo chroot /"
will do it)
Daniel
--
/-------------------- Daniel Burrows <dburrows@debian.org> -------------------\
| "It is said that someone at a party once asked |
| the famous philosopher Ly Tin Weedle, 'why |
| are you here?', and the reply took three years." |
| -- Terry Pratchett |
\---------------------- A duck! -- http://www.python.org ---------------------/
Reply to: