From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 20:26:24 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 391DB16A41F for ; Thu, 21 Jul 2005 20:26:24 +0000 (GMT) (envelope-from smajor@gmail.com) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C8DC43D55 for ; Thu, 21 Jul 2005 20:26:21 +0000 (GMT) (envelope-from smajor@gmail.com) Received: by rproxy.gmail.com with SMTP id r35so61353rna for ; Thu, 21 Jul 2005 13:26:21 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:x-pgp-universal:to:subject:date:mime-version:x-mailer:thread-index:x-mimeole:x-content-pgp-universal-saved-content-transfer-encoding:x-content-pgp-universal-saved-content-type:content-transfer-encoding:content-type:from:message-id; b=b3ATHGliRHX6x08kaXFWSh9i+4+RagDaQoeN3Kpz5SeqhJvvxxbKUgfaftdZ7QfiFfhMXNZQcXZuq5cQS9Knz7kTI97euA5oGBhgJisljS+Z094077TATE23aHGucvIOT9SeCxuG/MUEw1kttTtHKNLRDNHgP1r4Pod2wTcQtzM= Received: by 10.38.90.13 with SMTP id n13mr1796175rnb; Thu, 21 Jul 2005 13:14:29 -0700 (PDT) Received: from p3 ([10.254.2.225]) by mx.gmail.com with ESMTP id f3sm1397192rne.2005.07.21.13.14.22; Thu, 21 Jul 2005 13:14:22 -0700 (PDT) Received: from p3 by p3 (PGP Universal service); Thu, 21 Jul 2005 13:14:22 -0800 X-PGP-Universal: processed; by p3 on Thu, 21 Jul 2005 13:14:22 -0800 To: Date: Thu, 21 Jul 2005 13:14:20 -0700 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcWOL+z05BBJgdZWSJyN+RfMPIoUxAAAFOXQ X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Content-PGP-Universal-Saved-Content-Transfer-Encoding: 7bit X-Content-PGP-Universal-Saved-Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii" From: Stephen Major Message-ID: <42e0021e.33f67733.0713.2213@mx.gmail.com> Subject: FW: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 20:26:24 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Thank you!!! He is saying he wants it to replace su I do not care what they do with sudo as long as su does not get touched. And if it is a default in the base system a must would be to leave the ALL line commented out in the sudoers file. So people who do not want their users to have access to sudo are not stuck with it being a default. - -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Kurt Seifried Sent: Thursday, July 21, 2005 1:09 PM To: freebsd-security@freebsd.org Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? Uhh you people realize sudo is COMPLEMENTARY to su? All my Linux and OpenBSD systems (wait for it.....) have _both_ installed by default. Crazy huh? Some example commands: sudo ifconfig blah [enters own password] sudo su - [enters own password] sudo sendmail -q [enters own password] su - [enters root password] Whoa! what's #2? And what's #4? Holy cow! Folks, this is by far the stupidest argument/discussion I have ever seen on a security related mailing list (and I've been on BugTraq and Full-Disclosure for a long time so that's saying something). sudo is complementary to su, you can have both, and sudo has 0, repeat 0 (just to make sure) I repeat _0_ impact on su. It does not replace su. It does not change su's behavior. It does not break su. You can still use su as before, your script will work as expected (I promise). - -Kurt Seifried _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.1 (Build 2185) iQEVAwUBQuACHqKXvLS903/FAQrJ6QgAsUTD2kvgFPvjjadyb2btN3xWwtEMhyxV nHd1innapH88wcvolXXaNQEGTy7+ZYdiTuJqhud7Whq5vDA7yBfPnzyY8MrdWHtt w64qQPgpwlPRs9J7TH08R/oWmgJhsC1k/vz3oYu9n4cmz/ElLVKBQMzkYZykOEE5 04qHhfFogTudLDZ0AO3ArD3OWV7trTZjDFvJ5sE9AOHofjx2LY9Rxc41+l0Sb5K/ g68PvFtspkRjLhrv41H0NQFEmr/RNiktCfanhdVfbsHfwCnUzp1zbt8uFxfn80t5 mv2ZDG/DwWx4IY6eP/y3U12Bj6cQJlcRDh2WO9Nu84KNoDEiggUhZw== =KXmy -----END PGP SIGNATURE-----