sudoer security problem on server

To: debian-user@lists.debian.org
Subject: sudoer security problem on server
From: zhang zhengquan <zhang.zhengquan@gmail.com>
Date: Sat, 28 Mar 2009 19:24:54 -0500
Message-id: <[🔎] 128a87f00903281724n65be5152o298441ee4c64f3a0@mail.gmail.com>

Hi, there,
I am exposed to a sudoer security problem on a server.
the server is running debian etch and every so often users on it
would ask me for sudoer permissions.
I would simply add

username ALL=(ALL) ALL

to the /etc/sudoers file. But now I am worried, it is a developement
server that devs on it wants some privileges to install stuffs.
but what I did is literally giving them root privileges. They can do
anything they want on it although I guess they would not do anything
malicious on it.

I wonder if a sysadmin should keep the root privilege safe and not
give sudo to anybody anybody else. and if there is more secure ways of
enabling root privilege to normal users?


Thanks for any pointers.

Z

Reply to:

Follow-Ups:
- Re: sudoer security problem on server
  - From: Sudev Barar <sbarar@gmail.com>
- Re: sudoer security problem on server
  - From: Nate Bargmann <n0nb@n0nb.us>
- Re: sudoer security problem on server
  - From: Nate Bargmann <n0nb@n0nb.us>

Prev by Date: Re: managing audiofiles
Next by Date: Re: problem with IP Masquerade in etch
Previous by thread: Re: managing audiofiles
Next by thread: Re: sudoer security problem on server
Index(es):
- Date
- Thread