security problems with sudo?

security problems with sudo?

Post by Master P » Thu, 14 Jan 1999 04:00:00



I have been told there are security problems with using sudo to give non
root users the ability to run certain programs as root. Can anyone fill me
in on the details?

--

...............................................................................
Robert Heinlein:
    "Writing is not necessarily something to be ashamed of,
        but do it in private and wash your hands afterwards."
...............................................................................
NOTE:
Please
remove
NOSPAM
from my
e-mail
address
to reply
to me.

 
 
 

security problems with sudo?

Post by James Carlso » Fri, 15 Jan 1999 04:00:00



> I have been told there are security problems with using sudo to give non
> root users the ability to run certain programs as root. Can anyone fill me
> in on the details?

No terrible problems with it, as long as you configure it carefully
and you give these privileges only to trustworthy people.  If you just
put a blanket "user ALL=ALL" into the configuration file, well, you
get what you get ...

It's much better than giving out the root password in most cases,
since with sudo you can track what people do.

Of course, if you've given sudo to malicious users, then you're
completely sunk.

--

IronBridge Networks / 55 Hayden Avenue  71.246W    Vox:  +1 781 372 8132
Lexington MA  02421-7996 / USA          42.423N    Fax:  +1 781 372 8090
"PPP Design and Debugging" --- http://people.ne.mediaone.net/carlson/ppp

 
 
 

1. SUDO and C2 security

Does anyone know what disables (and how) the sudo command when using C2
security on Digital UNIX v4.0b? The setuid and setgid bits don't change,
but the command just quits working! The /etc/sudoers file hasn't changed
either!

Any hints as to where to look would be appreciated.

--
*-----------------------------------------------------------------*
| Applied Benefits Research (ABR)     Phone: (813) 785-2819       |

| Palm Harbor, FL  34684              http : www.abr.com          |
*-----------------------------------------------------------------*

2. IEEE floating-point arithmetic exceptions

3. 'sudo' with Sun C2 security?

4. Large File transfers are slow on NFS v2

5. help needed for sudo, can't find sudo.log

6. What is "I_SETSIG failed 22" ?

7. Sudo Logging Security

8. export environment variable

9. Security Problems? What Security Problems?

10. sudo problem under slackware

11. Help! Problem with sudo for Solaris 2.3

12. HELP: Problems with sudo!

13. Problems with sudo