Re: sudoer security problem on server
2009/3/29 zhang zhengquan <email@example.com>:
> Hi, there,
> I am exposed to a sudoer security problem on a server.
> the server is running debian etch and every so often users on it
> would ask me for sudoer permissions.
> I would simply add
> username ALL=(ALL) ALL
user localhost = NOPASSWD: /path/to/command/without/password,
/bin/kill PASSWD: /path/to/command/with/pass /bin/ls, /usr/bin/lprm
Would be more appropriate. man sudoer for details.
Read http://blog.sudev.in for topics ranging from here to there.
PS: I know most of people do not follow email niceties (mostly they
are not aware) but if you follow bottom post/in-line post style of
email conversations it becomes a whole lot easier to carry on
meaningful dialogue and you can snip out what is not meaningful too.
Most people just hit reply button and top post leaving prior message
appended uselessly at bottom. See if you can adopt this style and
persuade others. In case you are already doing this ..... great,
spread the message.