Re: sudo su gives root without prompting for a password

To: debian-user@lists.debian.org
Subject: Re: sudo su gives root without prompting for a password
From: Stephen Touset <stephen@touset.org>
Date: Tue, 09 Dec 2003 15:54:34 -0500
Message-id: <[🔎] 1071003274.6682.1.camel@localhost>
In-reply-to: <[🔎] 2020.213.193.180.46.1070979386.squirrel@camelot.ddts.net>
References: <[🔎] 006701c3bd22$ec71e210$0a00a8c0@camelot> <[🔎] 1070963370.3055.11.camel@localhost> <[🔎] 2020.213.193.180.46.1070979386.squirrel@camelot.ddts.net>

On Tue, 2003-12-09 at 09:16, Benedict Verheyen wrote:
> > On Sun, 2003-12-07 at 19:33, Stephen Touset wrote:
> <snip>
> > My suggestion? If being able to use "su" without a password gives you
> > the heebie-jeebies (as well it should), then be far more restrictive in
> > what you allow in /etc/sudoers. After all, if you're just going to allow
> > complete access with "sudo", you might as well just use "su".
> 
> Well, that's my problem: i don't know how i could tighten this some more
> My /etc/sudoers file looks like this:
>    root ALL=(ALL)ALL
>    benedict ALL= NOPASSWD: /usr/bin/find, /bin/cpio,
>       /home/benedict/scripts/backup, /bin/echo, PASSWD: ALL

Yes, but *benedict's* password--not root's. Also, the way sudo is
designed, it will only ask you your own password once (until you close
the shell). If you want to tighten it, remove the "PASSWD: ALL" portion.
What that clause says is essentially, "Allow the user to run any command
as root, as long as his password was specified to sudo at least once in
the current shell."

If you do want the functionality of being able to sudo any command
(you're using sudo just so benedict can execute find, cpio, echo, and
backup passwordless), then your current setup should be alright. If
someone were to theoretically get into benedict's account, and attempt
to use sudo to execute commands as root, he would still be required to
enter your password at least once.

> For my regular user only the commands find, cpio, backip and echo are
> allowed without a password. To execute the other commands a password is
> needed.
> The only way i can see right now to tighten this is to remove the (ALL)ALL
> from root and specify what commands can be run there.
> Or am i seeing this wrong? I have to admit i'm confused about this.
> Sudo seems to give easier access to root as opposed to when i didn't have
> it installed and used su to become root to install/manage things.
> 
> Any suggestions or references to docs showing how to tighten things up
> with sudo are welcome.

I don't know any off the top of my head. However, what I said above
should suffice. The offending part is the "PASSWD: ALL" clause.

> Thanks,
> Benedict
-- 
Stephen Touset <stephen@touset.org>

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Getting kicker back
  - From: Francisco Castellon <castf@shaw.ca>

References:
- sudo su gives root without prompting for a password
  - From: "Benedict Verheyen" <linux4bene@pandora.be>
- Re: sudo su gives root without prompting for a password
  - From: Stephen Touset <stephen@touset.org>
- Re: sudo su gives root without prompting for a password
  - From: "Benedict Verheyen" <linux4bene@pandora.be>

Prev by Date: Re: backports.org routing fixed
Next by Date: Re: Info Problem
Previous by thread: Re: sudo su gives root without prompting for a password
Next by thread: Getting kicker back
Index(es):
- Date
- Thread