On Fri, 27 Aug 2010 19:20:57 +0300, "Aldis Berjoza" <[email protected]> wrote: > On Fri, 27 Aug 2010 17:32:18 +0300, Marian Hettwer <[email protected]> wrote: > >> On Fri, 27 Aug 2010 15:27:07 +0100, István <[email protected]> wrote: >> >>> Well to be honest i don't see any case when i want to give sudo+tcpdump >>> access to any user on my box. And those who are admins/roots anyway the >> >>> "su >>> -" just works perfectly and they can run tcpdump. >>> >> Well, that wasn't an answer to my question or the claim of Andy. >> In fact, if you need to give access to some root-only binaries to a >> normal user, sudo(8) is the way to go. >> With "su -" you would allow full root-access, even though you might >> just want to allow specific commands to an unprivileged user. >> >> so. ehm. no! >> In fact, I would suggest to disable root, so that su - doesn't work at >> all. >> >> ./Marian > > Ye, and once sudo is broken (somehow, for whatever reason) you have > lot's of fun (especially on servers) :D
Well, yeah, if it's up to me, I'd like to see sudo in BASE, as OpenBSD does it :) ./Marian _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
