-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2006-05-09 at 08:31 +0200, houghi wrote:
On Tue, May 09, 2006 at 08:14:21AM +0200, Ulrich Windl wrote:
Running it as root is the purpose of "sudo", but not knowing the root password.
Consider a configuration skeletton (from HP-UX):
# User alias specification User_Alias MEDIA_OPERATOR = %dba, windl
# Cmnd alias specification Cmnd_Alias CHANGE_CD = /usr/sbin/mount /SD_CDROM,\ /usr/sbin/umount /SD_CDROM
MEDIA_OPERATOR ALL=CHANGE_CD
OK. How are you going to change the file if you don't have the root password? Also I did not think that HP-UX was Linux. made my scripts to work on Linux. If it works on something else, great. If not, pity.
The configuration is the same in linux.
With several thousand downloads, I would expect some people complaining. So it seems almost nobody changes the default.
That's bad!
Apparently not really that bad. YMMV.
Well, it means that many people are using sudo in an unsecure way, one that is intended as provisional and temporary. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEYOxJtTMYHG2NR9URAs6/AJ9MWDkSTECqpng6H8kvqPnLCG5ghACfW865 XJXvsL2+/BwIeDsrGEfDBn8= =wIvm -----END PGP SIGNATURE-----