From owner-freebsd-questions Wed May 9 23:40:19 2001 Delivered-To: freebsd-questions@freebsd.org Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55]) by hub.freebsd.org (Postfix) with ESMTP id 1779537B42C for ; Wed, 9 May 2001 23:40:16 -0700 (PDT) (envelope-from DougB@DougBarton.net) Received: from DougBarton.net (master [10.0.0.2]) by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id XAA23072; Wed, 9 May 2001 23:39:58 -0700 (PDT) (envelope-from DougB@DougBarton.net) Message-ID: <3AFA37BE.CA62A617@DougBarton.net> Date: Wed, 09 May 2001 23:39:58 -0700 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Sue Blake Cc: Laurence Berland , Jonathan Fortin , "Jonathan M. Slivko" , freebsd-questions@FreeBSD.ORG Subject: Re: Disabling The Root Account References: <20010502142336.I30799-100000@awww.jeah.net> <00ba01c0d340$6f1097e0$0200320a@node00> <20010503061301.B6584@welearn.com.au> <3AF48067.76ABD833@confusion.net> <20010506091423.N220@welearn.com.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sue Blake wrote: > For example, people whose job it is to add users or virtual domains all > day just have sudo access to a couple of commands. Assistant admins can > be given root access to almost everything EXCEPT a few commands like su > and the shells (defined then marked like !THIS). See the example > sudoers file and its man page for ideas. Actually, the sudo documentation fairly clearly describes why this strategy is ineffective. Any user who has access to mv can give themselves a shell, period. There are other vulnerabilities, but this one is the easiest to understand. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message