[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shared root account



On Fri, Jul 06, 2001 at 03:24:56PM -0800, Ethan Benson wrote:
> On Fri, Jul 06, 2001 at 09:43:55AM -0500, Nathan E Norman wrote:
> > 
> > OTOH if you restrict the user to a list of commands in /etc/sudoers,
> > it's wise to consider whether the user might be able to leverage one of
> > those commands to edit /etc/sudoers (or any other file).  If you're
> > going to list "emacs" or "vi" in /etc/sudoers, you might as well just
> > list "ALL" :)
> 
> or even seemingly innocuous things like less or even cat.  
> 
> sudo less anything
> !/bin/sh
> whoami
> r00t!
> 
> echo me ALL=ALL > s
> sudo 'cat s >> /etc/sudoers'

IOW, it's safe to say that allowing access to a shell via sudo means
you trust that user as root.
 
> sudo is a very large cannon which is difficult to keep aimed away from
> the foot...

Depends on how you use it.

At my last job, we used sudo for two reasons:

1) I didn't have to inform all the admins whenever the root password
changed.

2) techs had a script which ran as root under sudo for creating user
accounts, etc.  The script was written in perl ... I'm sure there was
something wrong with it but it worked well for us and kept techs in
the box where they did the least damage.

Cheers,

-- 
Nathan Norman - Staff Engineer | A good plan today is better
Micromuse Ltd.                 | than a perfect plan tomorrow.
mailto:nnorman@micromuse.com   |   -- Patton

Attachment: pgp3EV79O1_P_.pgp
Description: PGP signature


Reply to: