nanog mailing list archives
Re: Tool for virtual networks
From: Grant Taylor via NANOG <nanog () nanog org>
Date: Fri, 15 Jul 2022 12:54:50 -0600
On 7/15/22 11:18 AM, Saku Ytti wrote:
May I request information substantiating the risk.
Have you ever walked away from your terminal without locking it? Or seen anyone else do it?
Unless you are within Sudo's grace period (defaults to five minutes) the person at your keyboard won't be able to authenticate to sudo as you if they have to enter your password.
There are also concerns of changing effective users on systems to one that has the NOPASSWD: option, thereby enabling the original user to do what the new user could do without authenticating as the new user.
As far as I see, infosec is largely horoscopes for IT people.
I don't believe avoiding NOPASSWD: is just a horoscope. -- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Tool for virtual networks Casey Deccio (Jul 14)
- Re: Tool for virtual networks J. Hellenthal via NANOG (Jul 15)
- Re: Tool for virtual networks Casey Deccio (Jul 15)
- Re: Tool for virtual networks Tom Beecher (Jul 18)
- Re: Tool for virtual networks J. Hellenthal via NANOG (Jul 18)
- Re: Tool for virtual networks Casey Deccio (Jul 30)
- Re: Tool for virtual networks Casey Deccio (Jul 15)
- Re: Tool for virtual networks Saku Ytti (Jul 15)
- Re: Tool for virtual networks Grant Taylor via NANOG (Jul 15)
- Re: Tool for virtual networks Saku Ytti (Jul 16)
- Re: Tool for virtual networks Tom Beecher (Jul 18)
- Re: Tool for virtual networks Saku Ytti (Jul 18)
- Re: Tool for virtual networks J. Hellenthal via NANOG (Jul 15)