
Re: Could sudo be an security issue?



On Fri, May 16, 2003 at 03:50:46AM -0500, lemuel typhair wrote:
> xbud wrote:
> >good point, but this is not entirely true.
> >In the case where a user simply does a 
> >sudo su -
> >or a 
> >sudo sh
> >only the first command will be logged.
> yes this is so true, but would you really give root to someone who does 
> not follow the rules to begin with?  if i ever saw that they did that in 
> the logs, they would never have root again... 

You can lock down the commands that can be run. Restricting su and the
shells is simple enough and should always be done... There are other
holes though.

For instance:
> sudo vi /etc/hosts
then, inside vi type ":!bash"

Bam ... A root shell that's not logged. I know there's a way to restrict
this in vim, but I'm not sure about all the shells.

-B

-- 
Brandon High                                     armitage@freaks.com
'98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "Troll"
The world is a comedy to those that think, a tragedy to those that feel.
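
An added example, not part of the original message: a small Python audit that scans sudo log lines for the cases discussed in this thread, where only the first command is logged and everything typed afterwards is not (su, shells, and programs with a shell escape such as vi). The log lines are constructed samples in sudo's syslog format, the user names are made up, and the program lists are assumed and non-exhaustive.

```python
import os
import re

# Constructed sample lines in sudo's syslog format (not from the original post).
SAMPLE_LOG = """\
May 16 03:50:46 host sudo:    alice : TTY=pts/1 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/su -
May 16 03:51:02 host sudo:      bob : TTY=pts/2 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/sh
May 16 03:52:10 host sudo:    carol : TTY=pts/3 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/hosts
May 16 03:53:30 host sudo:    carol : TTY=pts/3 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/tail /var/log/messages
"""

# user : ... ; USER=<run-as user> ; COMMAND=<full command line>
LINE_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : .*?USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$"
)

# Assumed, non-exhaustive lists; extend them for the programs on your systems.
SHELLS = {"sh", "bash", "csh", "tcsh", "ksh", "zsh", "su"}
ESCAPERS = {"vi", "vim", "view", "less", "more", "man", "emacs", "ed"}


def classify(command):
    """Return why a logged command hides later activity, or None if it does not."""
    prog = os.path.basename(command.split()[0])
    if prog in SHELLS:
        return "shell"          # e.g. "sudo su -" or "sudo sh"
    if prog in ESCAPERS:
        return "shell-escape"   # e.g. ":!bash" from inside vi
    return None


def audit(log_text):
    """Return (user, command, reason) for every risky sudo entry in log_text."""
    findings = []
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue  # not a sudo command entry
        reason = classify(match.group("cmd"))
        if reason:
            findings.append((match.group("user"), match.group("cmd"), reason))
    return findings


if __name__ == "__main__":
    for user, cmd, reason in audit(SAMPLE_LOG):
        print(f"{user}: {cmd!r} -> {reason}: later commands will not be logged")
```

A hit on an editor is a cue to grant `sudoedit` for that file instead, or to tag the sudoers rule with `NOEXEC:` so the program cannot spawn a shell.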

