Security Basics mailing list archives
Re: SUDO vs root account question
From: Louis Lerman <lblerman () gmail com>
Date: Wed, 23 Mar 2005 10:57:47 -0800
Tahis - First off, the "Mr X ALL=(ALL)ALL" line will allow Mr.X to run any command as any user on any server. So I do not know if you want to all this. I recently had to aid some SysAdmins at my company restrict users access via SUDO. I found this page, http://www.courtesan.com/sudo/, very helpful as it had an example /etc/sudoers file, http://www.courtesan.com/sudo/sample.sudoers, that should be able to guide you to limit users access via SUDO as it enabled me to create the appropriate entries in the /etc/sudoers file. Regards, Louis On Wed, 23 Mar 2005 10:47:30 +0200, Tahis Vera <tahis.vera () gmail com> wrote:
Hi all, I have two quick questions related to the 'sudo' command; putting a certain user Mr.X with ALL=(ALL)ALL permissions in the sudoers file, gives him COMPLETE root previleges? In other words, if I want that some people, for security reasons, stop using the root account/password for accessing the servers, by crating a sudo user with ALL previledges will decrease this risk? If this sudo account is compromised, will the cracker have COMPLETE root previleges? The other questions is how to set the time (in sudoers file) for the user to work with sudo, without having to write the password (let's say that I want to work for 20 minutes without having to write the password again) regards Tahis
Current thread:
- SUDO vs root account question Tahis Vera (Mar 23)
- Re: SUDO vs root account question Joe Polk (Mar 23)
- Re: SUDO vs root account question Louis Lerman (Mar 23)
- Re: SUDO vs root account question Jacob Bresciani (Mar 23)
- Re: SUDO vs root account question xyberpix (Mar 23)
- Re: SUDO vs root account question RichardR (Mar 23)
- Re: SUDO vs root account question Ian (Mar 23)
- Re: SUDO vs root account question Ian (Mar 23)
- Re: SUDO vs root account question Vladamir (Mar 23)
- Re: SUDO vs root account question Teresa Hasheminejad (Mar 24)
- Re: SUDO vs root account question Blaine Lefler (Mar 24)