From owner-freebsd-chat@FreeBSD.ORG  Thu Apr  3 19:17:47 2003
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 52A4C37B401
	for <chat@freebsd.org>; Thu,  3 Apr 2003 19:17:47 -0800 (PST)
Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.87])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 03A8D43FBF
	for <chat@freebsd.org>; Thu,  3 Apr 2003 19:17:45 -0800 (PST)
	(envelope-from lomion@mac.com)
Received: from asmtp01.mac.com (asmtp01-qfe3 [10.13.10.65])
	by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id h343HiGm013224
	for <chat@freebsd.org>; Thu, 3 Apr 2003 19:17:44 -0800 (PST)
Received: from mac.com ([68.39.198.236]) by asmtp01.mac.com
          (Netscape Messaging Server 4.15) with ESMTP id HCSUHJ00.K4C;
          Thu, 3 Apr 2003 19:17:43 -0800 
Date: Thu, 3 Apr 2003 22:17:45 -0500
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v551)
To: Bob Bomar <bulldog@fxp.org>
From: Larry Sica <lomion@mac.com>
In-Reply-To: <20030402230154.GA23852@peitho.fxp.org>
Message-Id: <01758D8D-664C-11D7-AB40-000393A335A2@mac.com>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.551)
cc: Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
cc: chat@freebsd.org
Subject: Re: Offtopic
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2003 03:17:47 -0000


On Wednesday, April 2, 2003, at 06:01 PM, Bob Bomar wrote:

> On Tue, Mar 18, 2003 at 01:20:27PM -0600, Fabio Miranda Hamburger 
> wrote:
>> Hi, I have a couple of question:
>>
>> 1. A technique for an intruder to keep a root account was creating a 
>> stuid
>> root shell, that is not possible on FreeBSD nowadays, Why is not 
>> possible?
>> How a program like sudo can do that? Foe example, If i am a sudo 'full
>> admin' I can do this without passwd:
>> %sudo su
>> #
>
> sudo executes the command as root, and since the systems sees su
> being executed as root, you wont need that password.
>

Also it depends on how sudo is setup.  If passwords are enabled you'd 
have to enter your password.

--Larry