Reinhard Tartler siretart at gmail.com
Fri Nov 25 03:02:10 CST 2005


On 11/24/05, Ivan Krstic <krstic at fas.harvard.edu> wrote:
> Martin Pitt wrote:
> > ... This can lead to unexpected privilege escalation, and also would
> > probably break horribly when using a centralized authentication
> > database (NIS, LDAP, etc).
>
> We could probably sanely check for centralized authentication, and if
> there's any doubt about whether it's used, we could skip that part of
> the upgrade.

I don't think it is that easy. If we did that, we would need some
heuristics to detect whether the upgrade is a 'simple' upgrade from warty
or even sarge, or from a setup with a modified and/or sophisticated
setup. What about a system where the system administrator chooses that
selected users (in a custom group, be it centralized or not) may
execute network-admin without a password and, besides that, no commands
as root at all? In this case, it is up to the local admin to update
the /etc/sudoers for his needs. And I think this is the point pitti is
concerned about.

Sudo configuration can really be a beast, especially when you have a
distributed and sophisticated sudo config, which we have to support,
since sudo is in main!

--
regards,
    Reinhard


