Re: SUDO vs root account question

• Previous message: Blaine Lefler: "Re: SUDO vs root account question"
• In reply to: Vladamir: "Re: SUDO vs root account question"
• Next in thread: Blaine Lefler: "Re: SUDO vs root account question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 23 Mar 2005 16:32:38 -0800
To: security-basics@securityfocus.com

Is there an advantage to using sudo over suauth? I hadnt considered
this particular scenario, but I think I will from now on...

On Wed, 23 Mar 2005 14:26:26 -0500, Vladamir
<wireless.insecurity@gmail.com> wrote:
> Yes, if the user has full root access and is compromised, the attacker
> will have full root access (the system doesn't know the difference
> between people unless you're using BioMetrics :) )
>
> As for allowing a time limit..
> IIRC the way to do it is:
>
> timestamp_timeout= <timeout limit>
>
> Tahis Vera wrote:
> > Hi all,
> > I have two quick questions related to the 'sudo' command;
> > putting a certain user Mr.X with ALL=(ALL)ALL permissions in the
> > sudoers file, gives him COMPLETE root previleges? In other words, if I
> > want that some people, for security reasons, stop using the root
> > account/password for accessing the servers, by crating a sudo user
> > with ALL previledges will decrease this risk? If this sudo account is
> > compromised, will the cracker have COMPLETE root previleges?
>
> > The other questions is how to set the time (in sudoers file) for the
> > user to work with sudo, without having to write the password (let's
> > say that I want to work for 20 minutes without having to write the
> > password again)
> >
> > regards
> >
> > Tahis
> >
>

• Previous message: Blaine Lefler: "Re: SUDO vs root account question"
• In reply to: Vladamir: "Re: SUDO vs root account question"
• Next in thread: Blaine Lefler: "Re: SUDO vs root account question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SUDO vs root account question ... gives him COMPLETE root previleges? ... If this sudo account is ... sudo decreases surely the risk to compromise actions as a root user ... (Security-Basics) Re: SUDO vs root account question ... That would give him root privs, he could sudo su -, and that's that. ... If this sudo account is ... will the cracker have COMPLETE root previleges? ... (Security-Basics) Re: SUDO vs root account question ... Yes, if the user has full root access and is compromised, the attacker ... > account/password for accessing the servers, by crating a sudo user ... will the cracker have COMPLETE root previleges? ... (Security-Basics) Re: Card Reader ... Running your script ... instead of sudo is worthless because your script *can't do ... And of course it doesn't ask for a root password, ... >> That's just more bullshit Bryan, and you might as well leave ... (rec.photo.digital) Re: hi all.. ... And with sudo, I certainly wouldn't because they already have root. ... If you somehow had access to my account right now, ... install an effective key logger without root. ... (Fedora)