Date: Tue, 10 Jun 2003 01:04:25 -0600 From: Brett Glass <brett@lariat.org> To: Doug Barton <DougB@freebsd.org> Cc: security@freebsd.org Subject: Re: Removable media security in FreeBSD Message-ID: <4.3.2.7.2.20030610010227.02a68ed0@localhost> In-Reply-To: <20030609162102.U5564@12-234-22-23.pyvrag.nggov.pbz> References: <200306092254.QAA10240@lariat.org> <200306092254.QAA10240@lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 05:21 PM 6/9/2003, Doug Barton wrote: >On Mon, 9 Jun 2003, Brett Glass wrote: > >> Allowing the user to use sudo would effectively be giving him/her root >> privileges, which we explicitly don't want to do. > >No it wouldn't. You can specify the commands that you allow each user to >run. Ah, but letting the user mount and unmount things effectively lets that person do anything he or she wants, by switching around what's mounted at key mountpoints. --Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20030610010227.02a68ed0>