Re: Sudo was[Re: Emacs from Xterm]
On Fri, Jul 05, 2002 at 01:32:39AM -0400, Travis Crump wrote:
> >All you have to do is add a line like:
> >
> >YourUserId ALL=(ALL) ALL
> >
> >in the /etc/sudoers and you can use sudo to do everything that you
> >would do as root. /etc/sudoers should be edited using visudo.
> >
> >Steven
> >
> >
>
> including "sudo passwd root"... I have never understood how sudo isn't
> the biggest security risk ever invented. It seems like you really need
> to know what your doing(ie more than I know) to not give your user the
> wrong permissions. Can someone explain to me the benefits of sudo?
> Maybe reading this list has made me overly paranoid, but I have started
> doing everything that requires root on tty3...
The point in using sudo is that you can give limited root privileges to
an user or a group of users. So instead of using "ALL=(ALL) ALL" you can
put "YourUserID = (news) NOPASSWD: /usr/sbin/fetchnews" in /etc/suoers,
allowing that specified user to run fetchnews without being asked for a
password but nothing else, so no 'passwd root' or'cat /etc/shadow'. Pretty
nice, IMHO.
greetings,
Stephen Rüger
--
The better the state is established, the fainter is humanity.
To make the individual uncomfortable, that is my task.
-- Nietzsche
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: