ubuntu-devel@lists.ubuntu.com
[Top] [All Lists]
<prev [Date] next>
<prev [Thread] next>

Re: Misconfiguration of sudo is insecure

from [Tollef Fog Heen]
Subject: Re: Misconfiguration of sudo is insecure
From: Tollef Fog Heen
Date: Wed, 29 Mar 2006 11:34:55 +0200 
* Paul Sladen 

| On Thu, 23 Mar 2006, Yuki Cuss wrote:
| > Please try `sudo -i'. You may find it is a more secure option.
| 
| No.  NO.  Please, no.
| 
| Now you have a shell open where *every* command you type is running with
| unchecked priviliges and it the commands _aren't being logged_.

If you want process accounting, use process accounting.  Don't rely on
sudo or similar tools logging.

-- 
Tollef Fog Heen                                                        ,''`.
UNIX is user friendly, it's just picky about who its friends are      : :' :
                                                                      `. `' 
                                                                        `-  

-- 
ubuntu-devel mailing list
ubuntu-devel@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: file-roller missing menu item, Sebastien Bacher
Next by Date:  Re: Ubuntu On a Stick, Tollef Fog Heen
Previous by Thread:  Re: Misconfiguration of sudo is insecure (Was: Sudo even more secure), Chris Jones
Next by Thread:  Re: Misconfiguration of sudo is insecure (Was: Sudo even more secure), Eric Feliksik
Indexes:  [Date] [Thread] [Top] [All Lists]