[UFO Chicago] sudo exploit

Nick Moffitt nick@zork.net
Wed, 18 Jul 2001 14:11:01 -0700


begin  Peter A. Peterson II quotation:
> I really like being able to say "sudo newlist" or "sudo chmod" without
> having to open a root shell that, knowing me, I will forget and leave
> open. 

	Far better to have something like the following:

%listmgrs	ALL=/usr/sbin/newlist

	So that people in the "listmgrs" group can make new mailing
lists without having root power for everything else.  That way you can
delegate jobs out.  I won't deny that this has its own security
implications (what if the newlist program is susceptible to attack?).


-- 
You are not entitled to your opinions.
 
	01234567 <- The amazing* indent-o-meter! 
        ^	    (*: Indent-o-meter may not actually amaze.)