Date: Sat, 20 Jul 1996 04:52:53 +1000 (EST) From: andrew@ugh.net.au To: FreeBSD-gnats-submit@freebsd.org Subject: ports/1405: Default sudoers file Message-ID: <199607191852.EAA02330@sally.ugh.net.au> Resent-Message-ID: <199607191900.MAA13187@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1405 >Category: ports >Synopsis: sudoers file that comes with the sudo package for 2.1.5 has users already added. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jul 19 12:00:01 PDT 1996 >Last-Modified: >Originator: Andrew >Organization: >Release: FreeBSD 2.1-STABLE i386 >Environment: FreeBSD-2.1.5. sudo 1.4 >Description: When adding the sudo package for 2.1.5 a sudoers file is installed that already contains certain users (jkh, gpalmer, asami). Admittedly quite respectable people but if someone had users with the same logins on their machine those users would presumably have root access between the time root installs sudo and root modifies the sudoers file. >How-To-Repeat: pkg-add sudo-1.4.tgz The sudoers file is in /usr/local/etc. >Fix: Remove these users from the sudoers file before taring the port. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607191852.EAA02330>