Passwordless sudo considered harmful (was: Re: (K)ubuntu usplash)
Giorgos Keramidas
keramida at ceid.upatras.gr
Fri Jan 6 15:30:17 EET 2006
On 2006-01-05 19:18, Giannis Beredimas <mperedim at ceid.upatras.gr> wrote:
>>> Και όλα αυτά επειδή η MS είχε κάνει εξ αρχής βλακεία και αν
>>> δεν είσαι στο Administrator group, δεν μπορείς να δουλέψεις
>>> σωστά.
>>
>> To opoio den exei kamia apolytws sxesh me to sudo sto ubuntu.
>
> Gia thn akribeia einai sxedon to idio, apo th stigmh pou me
> sudo mporeis na kaneis *ta panta* xwris na ksanabaleis password
> (opws kai sta Windows). H monh diafora einai oti by default o
> xrhsths einai non-root.
Einai entelws lathos o tropos pou xrhsimopoiei to sudo to 90% toy
kosmoy (i.e. me ``NOPASSWD: ALL''). O basikos skopos tou sudo
den einai na mporeis opoiadhpote stigmh na trekseis:
$ sudo rm -fr /
alla na mporeis na dineis apo user A to password tou user A (ki
oxi ena ``koino mystiko'' password) gia na allakseis ta
dikaiwmata sou se user B (opoy to B mporei na einai gia orismenes
entoles akomh kai ``root'').
Twra tha mou peis, ``egw ta kserw ayta re Keramida''. Apla ta
grafw gia na mh meinei kapoios pou diabazei to ypoloipo thread
oti to na mporeis na trekseis thn parapanw ``rm -fr /'' entolh
xwris password einai h kalyterh efeyresh tou an8rwpou meta ta
pshfiaka rologia.
More information about the Linux-greek-users
mailing list