[ale] bash commands

Geoffrey Myers lists at serioustechnology.com
Wed May 23 09:16:33 EDT 2012


On 05/21/2012 08:44 AM, Lightner, Jeff wrote:
> I disagree with the purpose of sudo stated previously. It was not
> designed to prevent System Admins from getting root access. It was
> designed to allow NON-system admins to access only those few things they
> need as root without giving them the root password and full root access.
>
> Over time PHBs have somehow decided that even System Admins shouldn’t
> have root which is why you see abominations like “sudo” only distros.
> System Admins do spend a lot of their time as root no matter how much
> hand wringing is done by people that like to claim it isn’t secure.
>
> The sad thing about sudo is how many admins do not seem to understand
> what they’re giving to users with it. The first place I saw it they gave
> users “sudo vi”. I had to show them what “:!/bin/sh” did in such a
> session. I also had to explain to them why sudo access to shell scripts
> that were not writable only by root in a directory only accessible by
> root was a bad idea.

Had a client do something similar.  Gave me 'sudo gdb'.  Guess what 
folks, at the gdb prompt, type: shell

-- 
Until later, Geoffrey

"I predict future happiness for America if they can prevent
the government from wasting the labors of the people under
the pretense of taking care of them."
- Thomas Jefferson


More information about the Ale mailing list