Mailinglist Archive: opensuse (3217 mails)

< Previous Next >
Re: [SLE] sux vs. xhost (WAS: Re: [SLE] Xlib)
  • From: Ben Rosenberg <ben@xxxxxxxxx>
  • Date: Mon, 1 Mar 2004 13:53:29 -0800
  • Message-id: <20040301215329.GB21809@xxxxxxxxx>
* Paul W. Abrahams (abrahams@xxxxxxx) [040301 13:41]:
>On Monday 01 March 2004 3:42 pm, Patrick Shanahan wrote:
>
>> sudo _should_not_ allow you to operate root priv w/o password unless
>> you have specifically altered /etc/sudoers. And if you did, you
>> apparently do not care about security.

It's not that one doesn't care about security. I for one don't like
logging in as root and what if a cracker got in a replaced su or sux
with something they wrote? How would you know? You wouldn't unless you
had tripwire or something else. I have NO ONE in my /etc/sudoers file
except myself and the entry is as follows....

ben ALL=(ALL) NOPASSWD:ALL

This lets me do things like " sudo yast2 " and run it in X so that I can
do what I need to do and as soon as the program exits ..poof..
everything is back to normal user.

So if your trying to display programs and such remotely why not to it
through an ssh tunnel?

>Things like email viruses are another matter, but so far the virus writers
>don't seem to consider Linux mailers a worthwhile target.

This is true...because Mutt had a security issue not so long ago that
would have been a nice target for script kiddies. But then again people
who use mutt aren't easy to social engineer to just fire off anything at
will. :)

--
Linux User #147972 ---===--- mailto:ben@xxxxxxxxx
--
"There is no need to teach that stars can fall out of the sky
and land on a flat Earth in order to defend religious faith."

< Previous Next >