Date: Thu, 25 Mar 1999 18:20:50 -0500 (EST)
From: Jeff Aitken <jaitken@aitken.com>
To: drosih@rpi.edu (Garance A Drosihn)
Cc: dillon@apollo.backplane.com, bmah@CA.Sandia.GOV, freebsd-security@FreeBSD.ORG
Subject: Re: sudo (was Re: Kerberos vs SSH)
Message-ID: <199903252320.SAA07455@eagle.aitken.com>
In-Reply-To: <v04011701b32060ab1ee4@[128.113.24.47]> from Garance A Drosihn at "Mar 25, 1999 05:05:18 pm"
> When working with lots of sysadmins and lots of machines, sudo
> is a very useful tool. At least, it (or programs like it) are
> better than other alternatives.
>
> It beats making executables setuid, for instance.
> It beats having lots of different people with the password to
> root, and the ability to run *anything* and do *anything* that
> they want.

Out of curiosity, to what programs do you typically grant people sudo access? Is it not true that most "useful" programs a sysadmin might need to do his job contain some way of exec'ing another program?

For example, you can't use sudo to grant access to a text editor of any sort without implicitly giving full root access. What else do you want done as root that doesn't have a similar problem? Change someone's password? Add a user? Each of these can be trivially exploited to gain full root access.

I'm not saying it is useless, but I do wonder about the practical benefits of the sudo/super approach. Are you using it to provide additional security or are you just trying to prevent accidental mistakes as root?

--Jeff
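An added example, not part of the original message or of sudo itself: a small audit that reads sudoers rules and reports the kinds of grants the message describes (editors, password and account tools) as equivalent to full root. The function name, the program lists and the sample policy are assumptions constructed for illustration, and the parser covers only simple one-line user rules.

```python
import os
import re

# Assumed, non-exhaustive lists built from the message's examples.
RISKY = {
    "editor: can run other programs and write any file":
        {"vi", "vim", "ex", "ed", "ee", "emacs", "pico"},
    "account tool: controls credentials, root's included":
        {"passwd", "chpass", "vipw", "pw", "adduser"},
}

# Constructed sample policy, not taken from any real host.
SAMPLE = """\
Defaults env_reset
alice  ALL = /usr/bin/vi /etc/hosts, /sbin/shutdown
bob    ALL = (root) NOPASSWD: /usr/bin/passwd, \\
             /usr/sbin/adduser
carol  ALL = /sbin/shutdown -r now
"""

def audit_sudoers(text):
    """Return (user, command, reason) for grants that amount to full root."""
    findings = []
    # Join backslash-continued lines, then examine one rule per line.
    for line in text.replace("\\\n", " ").splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" not in line or re.match(r"(Defaults|\w+_Alias)\b", line):
            continue  # blank lines, settings and alias definitions
        who, spec = line.split("=", 1)
        user = who.split()[0]
        spec = re.sub(r"^\s*\([^)]*\)", "", spec)  # drop "(runas)"
        for cmd in spec.split(","):
            # Drop tags such as "NOPASSWD:" in front of the command.
            cmd = re.sub(r"^(?:[A-Z_]+:\s*)+", "", cmd.strip())
            if not cmd:
                continue
            if cmd == "ALL":
                findings.append((user, cmd, "unrestricted"))
                continue
            name = os.path.basename(cmd.split()[0])
            for reason, names in RISKY.items():
                if name in names:
                    findings.append((user, cmd, reason))
    return findings

if __name__ == "__main__":
    for user, cmd, reason in audit_sudoers(SAMPLE):
        print(f"{user}: {cmd} -> {reason}")
```

A command that is not reported is only absent from the assumed lists; that is not a statement that it is safe to delegate.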
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903252320.SAA07455>