Re: SUDO vs root account question

• Previous message: Joe Polk: "Re: SUDO vs root account question"
• In reply to: Tahis Vera: "SUDO vs root account question"
• Next in thread: Jacob Bresciani: "Re: SUDO vs root account question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 23 Mar 2005 10:57:47 -0800
To: Tahis Vera <tahis.vera@gmail.com>

Tahis -

First off, the "Mr X ALL=(ALL)ALL" line will allow Mr.X to run any
command as any user on any server. So I do not know if you want to all
this.

I recently had to aid some SysAdmins at my company restrict users
access via SUDO. I found this page, http://www.courtesan.com/sudo/,
very helpful as it had an example /etc/sudoers file,
http://www.courtesan.com/sudo/sample.sudoers, that should be able to
guide you to limit users access via SUDO as it enabled me to create
the appropriate entries in the /etc/sudoers file.

Regards,

Louis

On Wed, 23 Mar 2005 10:47:30 +0200, Tahis Vera <tahis.vera@gmail.com> wrote:
> Hi all,
> I have two quick questions related to the 'sudo' command;
> putting a certain user Mr.X with ALL=(ALL)ALL permissions in the
> sudoers file, gives him COMPLETE root previleges? In other words, if I
> want that some people, for security reasons, stop using the root
> account/password for accessing the servers, by crating a sudo user
> with ALL previledges will decrease this risk? If this sudo account is
> compromised, will the cracker have COMPLETE root previleges?
>
> The other questions is how to set the time (in sudoers file) for the
> user to work with sudo, without having to write the password (let's
> say that I want to work for 20 minutes without having to write the
> password again)
>
> regards
>
> Tahis
>

• Previous message: Joe Polk: "Re: SUDO vs root account question"
• In reply to: Tahis Vera: "SUDO vs root account question"
• Next in thread: Jacob Bresciani: "Re: SUDO vs root account question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]