Re: shared root account

To: debian-security@lists.debian.org
Subject: Re: shared root account
From: Ethan Benson <erbenson@alaska.net>
Date: Sat, 7 Jul 2001 01:58:50 -0800
Message-id: <[🔎] 20010707015850.T26109@plato.local.lan>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 87hewpy26m.fsf@dyn006239.shef.ac.uk>; from e.e.moore@shef.ac.uk on Sat, Jul 07, 2001 at 02:10:09AM +0100
References: <[🔎] B76B3592.2110%robert@sciresearch.com> <[🔎] 20010706094355.A25712@micromuse.com> <[🔎] 20010706152456.M26109@plato.local.lan> <[🔎] 87hewpy26m.fsf@dyn006239.shef.ac.uk>

On Sat, Jul 07, 2001 at 02:10:09AM +0100, Eric E Moore wrote:
> I would be very shocked if you could compromise a system with a
> sudoers entry of:
> me hostname = (root) /bin/cat

i would not, being able to read every file on the system, even if you
can't write is going to lead to compromise sooner or later.  

> Ethan> sudo is a very large cannon which is difficult to keep aimed
> Ethan> away from the foot...
> 
> That it is.  But then, the root password is basically a very large
> cannon built into your shoe.

i would not go that far.  

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgp95ZDvKhc82.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: shared root account
  - From: Eric E Moore <e.e.moore@shef.ac.uk>

References:
- Re: shared root account
  - From: "Robert L. Yelvington" <robert@sciresearch.com>
- Re: shared root account
  - From: Nathan E Norman <nnorman@micromuse.com>
- Re: shared root account
  - From: Ethan Benson <erbenson@alaska.net>
- Re: shared root account
  - From: Eric E Moore <e.e.moore@shef.ac.uk>

Prev by Date: Re: shared root account
Next by Date: Re: shared root account
Previous by thread: Re: shared root account
Next by thread: Re: shared root account
Index(es):
- Date
- Thread