Re: [orca-list] Orca and Administration in Ubuntu 8.04 steps.

From: Daniel Dalton <d dalton iinet net au>
To: Jason White <jason jasonjgw net>
Cc: orca list <orca-list gnome org>
Subject: Re: [orca-list] Orca and Administration in Ubuntu 8.04 steps.
Date: Mon, 19 May 2008 21:10:26 +1000 (EST)

On Mon, 19 May 2008, Jason White wrote:

On Mon, May 19, 2008 at 10:48:20AM +0100, Alastair Irving wrote:

I'm not sure I agree with some of your permision changes.  In particular,
doesn't putting /etc/sudoers to 777 make it readable writable and executable
by everyone?  Then, since sudoers controls who can do what with sudo, surely
anyone can gain root access just by modifying the file?


Correct. This is guaranteed to give you a major security problem.

Exactly, even though it won't work you can still add your user name tosudoers.Luckily, sudo is a little bit smart and won't work. If its 777, you getthis error:

sudo: /etc/sudoers is mode 0777, should be 0440

I think you aren't at a very big risk because chmod requires root, but itsstill not good.


--
Daniel Dalton

http://members.iinet.net.au/~ddalton/
<d dalton iinet net au>

References:
- [orca-list] Orca and Administration in Ubuntu 8.04 steps.
  - From: Darragh
- Re: [orca-list] Orca and Administration in Ubuntu 8.04 steps.
  - From: Alastair Irving
- Re: [orca-list] Orca and Administration in Ubuntu 8.04 steps.
  - From: Jason White

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]