[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: If you care about debian's security read this

On Sun, 3 Mar 2002 20:41:23 -0500
Daniel Burrows <dburrows@debian.org> wrote:

> On Sun, Mar 03, 2002 at 09:42:10PM -0300, Gustavo Noronha Silva
> <kov@debian.org> was heard to say:> kov     ALL = (root) NOPASSWD:
> /usr/sbin/chroot, /usr/sbin/pbuilder,> PASSWD: /usr/bin/apt-get
>   I should point out that you have as much of a security hole here:
> anyone on your account can get unrestricted root on your computer without
> a password.  (there are various machinations, but simply "sudo chroot /"
> will do it)
sure... thanks for pointing this out! I'll remove that remove that thing


kov@debian.org: Gustavo Noronha <http://www.metainfo.org/kov>
Debian: <http://www.debian.org> * <http://debian-br.cipsga.org.br>

Reply to: