From owner-freebsd-security Wed Mar 27 21:13:13 2002
Date: Thu, 28 Mar 2002 05:13:04 +0000
From: Alex Holst
To: security@freebsd.org
Subject: Re: sudo.. a better way maybe?
Message-ID: <20020328051304.GA63631@area51.dk>
In-Reply-To: <20020327123320.T82300@switchblade.cyberpunkz.org>
References: <20020327123320.T82300@switchblade.cyberpunkz.org>

Quoting Rob Andrews (rob@cyberpunkz.org):

> Sudo is safe provided that a user's password and account are not compromised
> by an outside forced intrusion. However, in the event that someone does
> gain access to a user account which does have sudo permission on the machine
> (this happened during a period where there was an openssh bug which allowed
> users on another system to gain passwords being used by other system users
> which were logging into a remote system via the hacked system) it would be
> a simple thing to just sudo with the user's current password which they
> already have in hand.

This sounds like a policy question.

First, if you are running vulnerable or trojaned software, all bets are off
anyway. Install a file integrity checker.

Second, most users wouldn't need blanket sudo access. Staff *might* need
blanket sudo access.

If you are so worried about compromised accounts, why are you using
password-based authentication for logins and sudo access in the first place?
Get a two factor authentication solution.
--
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow.            http://a.area51.dk/
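One way to act on the "most users wouldn't need blanket sudo access" point is to audit the sudoers file for such grants. The script below is an added example, not code from the thread or from the sudo project; it parses a constructed sudoers sample (the user names, hosts and command aliases are invented) and reports every user or group specification that allows ALL commands, noting whether NOPASSWD is set.

```python
import re
# Constructed sample sudoers, not from any real host; the backslash
# continuation exercises the line-joining logic below.
SAMPLE_SUDOERS = """\
Defaults    timestamp_timeout=5
Cmnd_Alias  SERVICES = /usr/sbin/service nginx restart, \\
                       /usr/sbin/service nginx reload
root        ALL=(ALL) ALL
alice       ALL=(ALL) ALL
bob         ALL=(ALL) NOPASSWD: ALL
webops      ALL=(root) SERVICES
%wheel      ALL=(ALL) ALL
"""

# user spec:  who  hosts = (runas) [TAG:] cmd1, cmd2 ...   (runas is optional)
USER_SPEC = re.compile(
    r"^(?P<who>\S+)\s+(?P<hosts>[^=\s]+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")
NON_GRANT = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")
TAGS = {"NOPASSWD:", "PASSWD:", "NOEXEC:", "EXEC:", "SETENV:", "NOSETENV:"}

def logical_lines(text):
    """Join backslash-continued lines; drop blank lines and '#' comments."""
    out, buf = [], ""
    for raw in text.splitlines():
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1]
            continue
        buf = (buf + raw).strip()
        if buf and not buf.startswith("#"):
            out.append(buf)
        buf = ""
    return out

def blanket_grants(text):
    """Return (who, detail) for each non-root spec that allows ALL commands."""
    findings = []
    for line in logical_lines(text):
        m = USER_SPEC.match(line)
        if line.startswith(NON_GRANT) or not m or m.group("who") == "root":
            continue  # aliases/Defaults are not grants; root gains nothing from sudo
        commands, nopasswd = [], False
        for item in m.group("cmds").split(","):
            words = item.split()
            while words and words[0] in TAGS:  # strip tags; any NOPASSWD flags the spec
                nopasswd |= words.pop(0) == "NOPASSWD:"
            commands.append(" ".join(words))
        if "ALL" in commands:
            detail = "ALL commands, " + ("NOPASSWD" if nopasswd else "password required")
            findings.append((m.group("who"), detail))
    return findings
```

Running `blanket_grants` over a real sudoers file (read with root privileges, or over `visudo -c`-checked copies) gives the list of accounts for which a stolen password is a stolen root shell; the narrow `webops` grant is not reported.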