[Gllug] re: use of sudo

Tom Taylor ttaylor at fotango.com
Fri Jul 2 11:52:19 UTC 2004


It also makes quite a nice backdoor when you see an unattended root
session.  Then again anyone who leaves unattended root session deserves
to have his system compromised.  Another reason for using sudo instead
of logging in as root.

On Fri, 2004-07-02 at 12:49, Tom Taylor wrote:
> sudo allows users set in a config file (writable only by root (and
> sudoers:-)) that specifies what permisions users can have as sudoers. 
> It allows a controlled set of users to do certain root only things
> without having to give them a root login.  Password wise they have to
> use their own password when using sudo.
> 
> On Fri, 2004-07-02 at 12:43, t.clarke wrote:
> > Does 'sudo' actually run commands as root without having to enter a
> > password ?
> > 
> > If so, it would seem to defeat the whole file-protection mechanism !!
> > 
> > If a file is writeable only by root, I assume there is a good reason for it.
> > 
> > You should only be able to write to that file either by 'being' root or
> > assuming root permissions after entering (usually) the root password
> > blindly on the screen.
> > 
> > It is possible to knock-up a general purpose c program that executes commands
> > as root without a password - but very dangerous !  In any event, as understand
> > it, the > redirector attempts to open the target-file within the currently
> > executing shell, so redirections of this sort would never seem to work if
> > the file permissions are 'wrong'
> > 
> > 
> > Tim
> > 
> > ********************************************************************************
> > This E-Mail and any files transmitted  with it, are confidential
> > and intended solely for the use of the individual or entity to
> > whom they are addressed. If you have received this message
> > in error please notify the sender and delete the message.
> -- 
> Tom Taylor
> Systems Administrator
> Fotango Ltd.
> 
> ttaylor at fotango.com
> http://www.fotango.com
-- 
Tom Taylor
Systems Administrator
Fotango Ltd.

ttaylor at fotango.com
http://www.fotango.com

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list