semat wrote:
I have seen configs like user ALL=(ALL) ALL Then there have also been configs like user ALL= (ALL) ALL ! a few commands here Here the admin allowed all comands apart froma few. Of course in this case the silly admin had allowed an editor vi so the sudoer simply run sudo vi then in vi :SHELL and voila he had a root shell.
I saw things like: luser@someserver $ sudo su - root@someserver # no password .. nothing... -- Mit freundlichen Gruessen / best regards, Sven Michels Network Operating Center / Infrastructure */* Wichtig */* Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. */* Important */* This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ----------------------------------------- intraDAT AG Wilhelm Leuschner Strasse 7 u. 9-11 60329 Frankfurt / Germany Tel: +49 69 256 29 - 0 Fax: +49 69 256 29 - 256 http://www.intradat.com --------------------