Tonnerre Lombard <[EMAIL PROTECTED]> wrote on 09/26/2006
10:38:40 PM:
> On Tue, 2006-09-26 at 17:09 -0700, Jonathan Leffler wrote:
> > > What if one of the commands is /bin/ksh? Or if the person in
question
> > > runs sudo /bin/ksh?
> >
> > Download the source (v1.6.3 is available from SourceForge). Try it.
[...]
>
> This is absolutely clear to me. I was thinking more in the lines of
> "Wouldn't that give the user the right to do whatever he wants, even if
> he didn't initially get the permission to do it in /etc/sudoers, and
> wouldn't that give the user even the right to _change_ /etc/sudoers?"
Sorry - I misunderstood your concern.
Yes, it gives the user permission to do whatever he wants (which isn't
quite the same as the right to do whatever he wants - but the difference
would take some explaining). And yes, as I mentioned, the user could
change the sudosh log files, and /etc/sudoers, and so on.
I generally take the view that if you can't trust the users with root
privileges, you are in for a very difficult time - usually stated in the
more absolute form "root can do anything", where anything includes erasing
or replacing the o/s (though the reboot can be tricky over a network). It
might be over-simplistic as a view; it isn't too far removed from the
truth.
--
Jonathan Leffler ([EMAIL PROTECTED])
STSM, Informix Database Engineering, IBM Information Management Division
4100 Bohannon Drive, Menlo Park, CA 94025-1013
Tel: +1 650-926-6921 Tie-Line: 630-6921
"I don't suffer from insanity; I enjoy every minute of it!"
