From owner-freebsd-questions  Sat May  5 15:37:54 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from hecky.it.northwestern.edu (hecky.acns.nwu.edu [129.105.16.51])
	by hub.freebsd.org (Postfix) with ESMTP id 9841837B423
	for <freebsd-questions@FreeBSD.ORG>; Sat,  5 May 2001 15:37:51 -0700 (PDT)
	(envelope-from stuyman@confusion.net)
Received: (from mailnull@localhost)
	by hecky.it.northwestern.edu (8.8.7/8.8.7) id RAA16534;
	Sat, 5 May 2001 17:37:49 -0500 (CDT)
Received: from confusion.net (dhcp089069.res-hall.nwu.edu [199.74.89.69]) by hecky.acns.nwu.edu via smap (V2.0)
	id xma016489; Sat, 5 May 01 17:37:36 -0500
Message-ID: <3AF48067.76ABD833@confusion.net>
Date: Sat, 05 May 2001 17:36:23 -0500
From: Laurence Berland <stuyman@confusion.net>
X-Mailer: Mozilla 4.75 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Sue Blake <sue@welearn.com.au>
Cc: Jonathan Fortin <jfortin@akalink.com>,
	"Jonathan M. Slivko" <jslivko@jeah.net>,
	freebsd-questions@FreeBSD.ORG
Subject: Re: Disabling The Root Account
References: <20010502142336.I30799-100000@awww.jeah.net> <00ba01c0d340$6f1097e0$0200320a@node00> <20010503061301.B6584@welearn.com.au>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

But either a) you set your sudo policy once, and never again OR
	b) your user can edit the sudo policies.  If so, they'll just add
/bin/sh to the configuration.

Or am I missing something?

L:

Sue Blake wrote:
> 
> On Wed, May 02, 2001 at 03:45:25PM -0400, Jonathan Fortin wrote:
> > No.
> > What if someone gets a hold of your password, he wouldnt even need root
> > password to have root access. he would just call /bin/sh via sudo and bam!
> > sudo has it's pros and what you would be doing is a con.
> 
> Well, you do have to understand what you're doing when you configure
> sudo and when you dish out privileges, even to yourself. You also
> have to change the way personal passwords are treated. Otherwise
> don't use sudo, or root for that matter.
> 
> --
> 
> Regards,
>         -*Sue*-
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
Laurence Berland
Northwestern '04
stuyman@confusion.net
http://www.isp.northwestern.edu/~laurence

"The world has turned and left me here"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message