[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sudoer security problem on server

2009/3/29 zhang zhengquan <zhang.zhengquan@gmail.com>:
> Hi, there,
> I am exposed to a sudoer security problem on a server.
> the server is running debian etch and every so often users on it
> would ask me for sudoer permissions.
> I would simply add
> username ALL=(ALL) ALL

user  localhost =  NOPASSWD: /path/to/command/without/password,
/bin/kill PASSWD: /path/to/command/with/pass /bin/ls, /usr/bin/lprm

Would be more appropriate. man sudoer for details.

Sudev Barar
Read http://blog.sudev.in for topics ranging from here to there.

PS: I know most of people do not follow email niceties (mostly they
are not aware) but if you follow bottom post/in-line post style of
email conversations it becomes a whole lot easier to carry on
meaningful dialogue and you can snip out what is not meaningful too.
Most people just hit reply button and top post leaving prior message
appended uselessly at bottom. See if you can adopt this style and
persuade others. In case you are already doing this ..... great,
spread the message.

Reply to: