Misconfiguration of sudo is insecure
Tollef Fog Heen
tfheen at canonical.com
Wed Mar 29 10:34:55 BST 2006
* Paul Sladen
| On Thu, 23 Mar 2006, Yuki Cuss wrote:
| > Please try `sudo -i'. You may find it is a more secure option.
|
| No. NO. Please, no.
|
| Now you have a shell open where *every* command you type is running with
| unchecked priviliges and it the commands _aren't being logged_.
If you want process accounting, use process accounting. Don't rely on
sudo or similar tools logging.
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
More information about the sounder
mailing list