Re: root group in solaris
- From: Tonnerre Lombard <tonnerre.lombard@xxxxxxxxxx>
- Date: Tue, 19 Sep 2006 08:11:29 +0200
Salut,
On Mon, 2006-09-18 at 15:43 -0400, Curt Tucker wrote:
Of course, someone with sudo rights to ALL like this can easily get
around not being able to "sudo su -" in a dozen ways (like "sudo
/bin/ksh", etc.).
You tend to forget about the builtin sudo -s
Also, what about sudo visudo or sudo vi /etc/sudoers? One could easily
get around this restriction that way too.
There is no way to protect yourself from root privileges except by
limiting the code that may be executed (e.g. via a setuid binary or by
limiting the executable system calls).
Tonnerre
--
SyGroup GmbH
Tonnerre Lombard
Loesungen mit System
Tel:+41 61 333 80 33 Roeschenzerstrasse 9
Fax:+41 61 383 14 67 4153 Reinach BL
Web:www.sygroup.ch tonnerre.lombard@xxxxxxxxxx
Attachment:
signature.asc
Description: This is a digitally signed message part
- References:
- RE: root group in solaris
- From: Freeman, Michael
- Re: root group in solaris
- From: Curt Tucker
- RE: root group in solaris
- Prev by Date: Re: root group in solaris : Tools
- Next by Date: Re: root group in solaris
- Previous by thread: Re: root group in solaris
- Next by thread: Re: root group in solaris
- Index(es):
