Re: Sudo and other root-based security issues

To: Debian listerv <debian-user@lists.debian.org>
Subject: Re: Sudo and other root-based security issues
From: John Hasler <john@dhh.gt.org>
Date: 19 Oct 1999 10:30:07 -0500
Message-id: <[🔎] 877lkjjrls.fsf@hasler.dhh>
In-reply-to: "David J. Kanter"'s message of "Mon, 18 Oct 1999 23:28:38 -0500"
References: <[🔎] 19991018232838.A19186@milwaukee>

David J. Kanter writes:
> But since some commands require root access, and it's a pain to su root
> all the time, how secure is it to run sudo on something like wvdial or
> slrnpull?

wvdial should not require root if your user is in group dip (wvdial may
also require 'dialout': pon does not).  I've never used slrnpull, but I'd
be surprised if it cannot be run as news.

> I'm generally under the impression that once logged on as root and
> on-line with the Internet, anyone can crack into my system. This has got
> to be wrong, right?

Right.  The cracker would rather you were not logged in at all.
-- 
John Hasler                This posting is in the public domain.
john@dhh.gt.org            Do with it what you will.
Dancing Horse Hill         Make money from it if you can; I don't mind.
Elmwood, Wisconsin         Do not send email advertisements to this address.

Reply to:

References:
- Sudo and other root-based security issues
  - From: "David J. Kanter" <djkanter@nwu.edu>

Prev by Date: ncurses driving me nuts
Next by Date: MacOS and Intel Linux mixed network
Previous by thread: RE: Sudo and other root-based security issues
Next by thread: problems with sendmail on new potato laptop
Index(es):
- Date
- Thread