Fw: Re: cross-platform virus

Peter Garrett peter.garrett at optusnet.com.au
Sun Apr 9 11:58:19 BST 2006



Begin forwarded message:

Date: Sun, 9 Apr 2006 20:54:38 +1000
From: Peter Garrett <peter.garrett at optusnet.com.au>
To: Yuki Cuss <celtic at sairyx.org>
Subject: Re: cross-platform virus


On Sun, 09 Apr 2006 10:37:57 +0000
Yuki Cuss <celtic at sairyx.org> wrote:

> > Indeed, you are right - perhaps the sudo "ticket" in this case should
> > apply only for the app concerned. Not sure if that is possible, but this
> > does look like a loophole.... Any app requiring sudo seems to open happily
> > without a password  if started after, say, synaptic during the time out
> > period.   : (  ...
> 
> Not a loophole at all; that's the entire *point* of sudo - that it won't
> ask for another password. That usefulness is greatly reduced when you
> start saving tokens per-program/command line.

Please correct me if I'm wrong - I was under the naive impression that
the "whole point" of sudo was originally to give fine-grained control
over who could run what commands requiring administrative privileges.

The fact that it is convenient not to have to re-type a password has not
escaped me. It's kind of glaringly obvious, and last time I looked my IQ
was above room temperature ;-)

That of course is not the point of my post or of the discussion. In the
context, we are discussing whether that convenience might or might not
give an attacker a way to run something that the person using sudo does
not intend.

I'm all ears if I have misunderstood you :)

Peter

P.S : has it suddenly become normal practice to send direct to the poster, 
and CC the list? It's rather redundant as I'm subscribed, and it breaks
"Reply to List" on Sylpheed. Could you avoid it please?


-- 

Linux User #343161 


-- 

Linux User #343161 


