Date:      Thu, 25 Mar 1999 14:24:40 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        David Gilbert <dgilbert@velocet.ca>
Cc:        bmah@CA.Sandia.GOV (Bruce A. Mah), freebsd-security@FreeBSD.ORG
Subject:   Re: sudo (was Re: Kerberos vs SSH)
Message-ID:  <199903252224.OAA03520@apollo.backplane.com>
References:  <199903252032.MAA25377@stennis.ca.sandia.gov> <199903252044.MAA02527@apollo.backplane.com> <14074.44071.183931.902457@trooper.velocet.ca>


:
:>>>>> "Matthew" == Matthew Dillon <dillon@apollo.backplane.com> writes:
:
:Matthew>     Simple: Because the program is designed to poke holes
:Matthew> through root and run specified programs.  It's fairly easy to
:Matthew> misconfigure it, and there is no guarantee that the programs
:Matthew> it runs are themselves secure.  sudo opens up a whole can of
:Matthew> potential security problems.
:
:Well... in that respect, sudo is simply pointing out how stupid the
:UN*X security model is once you get beyond one or two sysadmins
:working on a group of machines.  Security itself isn't easy to
:configure.
:
:Dave.

    If these are sysadmins and they need access to critical root-only portions
    of the machine, you have to give it to them.  No magical security model
    is going to make that problem go away.

    UNIX is being pragmatic about it.  It's just plain silly to run things
    as root that don't need to be run as root.  So don't!  Then the only
    people who need root are the ones that need to be able to work on the
    guts of the machine.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>

:
:-- 
:============================================================================
:|David Gilbert, Velocet Communications.       | Two things can only be     |
:|Mail:       dgilbert@velocet.net             |  equal if and only if they |
:|http://www.velocet.net/~dgilbert             |   are precisely opposite.  |
:=========================================================GLO================
:


