severity 567614 important
thanks
On Wed, Feb 17, 2010 at 09:08:01AM +0100, Sven Joachim wrote:
> On 2010-01-30 09:02 +0100, Luk Claes wrote:
>
> > Fran???s Boisson wrote:
> >> Severity: critical
> >> Tags: security
> >> Justification: root security hole
> >
> > I think this is very much overinfla
Processing commands for cont...@bugs.debian.org:
> severity 567614 important
Bug #567614 [sudo] sudo's default configuration without tty-tickets
Severity set to 'important' from 'critical'
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system ad
On 2010-01-30 09:02 +0100, Luk Claes wrote:
> Fran�s Boisson wrote:
>> Severity: critical
>> Tags: security
>> Justification: root security hole
>
> I think this is very much overinflated and I fail to see the security hole.
>
>> sudo's default configuration is with a timestamp of 15'
>
> I don't
> > So with a classical add of one user (just adding
> >
> > superman ALL=(ALL) ALL
> >
> > as it is done in Ubuntu for instance), a simple script like
> > [...]
> > call one time by superman erase the file system as soon
> > as a sudo call is done. This configuration is very used.
>
> Indeed
Fran�s Boisson wrote:
> Severity: critical
> Tags: security
> Justification: root security hole
I think this is very much overinflated and I fail to see the security hole.
> sudo's default configuration is with a timestamp of 15'
I don't see the problem with that.
> and without tty_tickets.
Ne
Package: sudo
Version: 1.7.2p1-1
Severity: critical
Tags: security
Justification: root security hole
sudo's default configuration is with a timestamp of 15'
and without tty_tickets.
So with a classical add of one user (just adding
superman ALL=(ALL) ALL
as it is done in Ubuntu for instance), a
6 matches
Mail list logo
