Re: Sudo question
On Fri, Jul 08, 2005 at 12:58:44PM +0200, Florian Weimer wrote:
> * Johann Spies:
>
> > alias specification Cmnd_Alias BACKUP =
> > /opt/tivoli/tsm/client/ba/bin/dsm, \
> > /opt/tivoli/tsm/client/ba/bin/dsmadmc, \
> > /opt/tivoli/tsm/client/ba/bin/dsmc, \
> > /opt/tivoli/tsm/client/ba/bin/dsmagent,\
> > /opt/tivoli/tsm/client/ba/bin/dsmcad,\
> > /opt/tivoli/tsm/client/ba/bin/dsmj,\
> > /opt/tivoli/tsm/client/ba/bin/dsmtca
> >
> > # User privilege specification
> > RUGSTEUN ALL= (root) BACKUP
> > ============================
>
> IIRC, the TSM command line clients suffer from several buffer
> overflows, so this is roughly equivalent to giving away full root
> access.
In theory, yes. At least the person who is able to do this is a
fellow administrator in my department.
What alternatives are there?
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"And I saw a great white throne, and him that sat on
it, from whose face the earth and the heaven fled
away; and there was found no place for them. And I saw
the dead, small and great, stand before God; and the
books were opened; and another book was opened, which
is the book of life; and the dead were judged out of
those things which were written in the books,
according to their works." Revelations 20:11,12
Reply to: