[gentoo-doc-cvs] cvs commit: sudo-guide.xml

Wed, 03 Aug 2005 01:13:53 -0700 

swift       05/08/03 08:13:40

  Modified:    xml/htdocs/doc/en sudo-guide.xml
  Log:
  No wrappers either, just do not grant sudo access to users you do not trust 
completely

Revision  Changes    Path
1.4       +9 -6      xml/htdocs/doc/en/sudo-guide.xml

file : 
http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/sudo-guide.xml?rev=1.4&content-type=text/x-cvsweb-markup&cvsroot=gentoo
plain: 
http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/sudo-guide.xml?rev=1.4&content-type=text/plain&cvsroot=gentoo
diff : 
http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/sudo-guide.xml.diff?r1=1.3&r2=1.4&cvsroot=gentoo

Index: sudo-guide.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/sudo-guide.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sudo-guide.xml      2 Aug 2005 19:23:28 -0000       1.3
+++ sudo-guide.xml      3 Aug 2005 08:13:40 -0000       1.4
@@ -1,6 +1,6 @@
 <?xml version='1.0' encoding="UTF-8"?>
 
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/sudo-guide.xml,v 1.3 
2005/08/02 19:23:28 swift Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/sudo-guide.xml,v 1.4 
2005/08/03 08:13:40 swift Exp $ -->
 
 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
 
@@ -22,8 +22,8 @@
 <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
 <license/>
 
-<version>1.1</version>
-<date>2005-08-02</date>
+<version>1.2</version>
+<date>2005-08-03</date>
 
 <chapter>
 <title>About Sudo</title>
@@ -130,11 +130,14 @@
 application that can allow people to elevate privileges. For instance, allowing
 users to execute <c>emerge</c> as root can indeed grant them full root access 
 to the system because <c>emerge</c> can be manipulated to change the live file 
-system in the user his advantage. Trust your users, or use a <e>wrapper</e> 
-instead: a script that limits the use of the application to a known set of 
-safe instructions.
+system in the user his advantage. If you do not trust your <c>sudo</c> users,
+don't grant them any rights.
 </p>
 
+<!--
+  Wrappers are no real advantage here either, see #71750
+-->
+
 <p>
 The user name can also be substituted with a group name - in this case you 
 should start the group name with a <c>%</c> sign. For instance, to allow any 



-- 
[email protected] mailing list

Reply via email to