Date: Wed, 3 Jan 2001 13:05:48 +1000 From: "Doug Young" <dougy@bryden.apana.org.au> To: "Jason Halbert" <res02jw5@gte.net>, <JonMS2010@aol.com>, <questions@FreeBSD.ORG> Subject: Re: Security Problem Message-ID: <00cb01c07532$13c13e60$837e03cb@dougy> References: <62.aa1e4b9.2783dd01@aol.com> <009101c0752a$3e873b20$566933d8@xps>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_00C8_01C07585.E3E48B80 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sudo is an application that allows a sysadmin to give a user access to = selected commands. It does not require granting full "su" rights in order to allow a user = to run something normally=20 run as "root". I've not heard of any security "features" but check on = that area yourself ....don't=20 take it as gospel that there aren't any.=20 I think sudo is available as both a sysinstall package & as a port = ....... never looked for source =20 ----- Original Message -----=20 From: Jason Halbert=20 To: JonMS2010@aol.com ; dougy@bryden.apana.org.au ; = questions@FreeBSD.ORG=20 Sent: Wednesday, January 03, 2001 12:09 PM Subject: Re: Security Problem What is sudo? And add host.allow/deny lines to what exactly? --- Jason jason@jason-n3xt.org ----- Original Message -----=20 From: JonMS2010@aol.com=20 To: dougy@bryden.apana.org.au ; res02jw5@gte.net ; = questions@freebsd.org=20 Sent: Tuesday, January 02, 2001 7:40 PM Subject: Re: Security Problem Sudo has several issues security-wise, many of which are FreeBSD = related.=20 However, I will keep this e-mail in my box and will send more = information=20 about the security holes, etc. in it when I find some suitable = URL's. --=20 Jonathan M. Slivko=20 --=20 Jonathan M. Slivko <JonMS2010@AOL.COM>=20 Website: http://hometown.aol.com/JonMS2010=20 FreeBSD -- The Power To Serve!=20 "Microsoft? Is that some kind of toilet paper?"=20 --=20 ------=_NextPart_000_00C8_01C07585.E3E48B80 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>Sudo is an application that allows a = sysadmin to=20 give a user access to selected commands.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>It does not require granting full "su" = rights in=20 order to allow a user to run something normally </FONT></DIV> <DIV><FONT face=3DArial size=3D2>run as "root". I've not heard of = any security=20 "features" but check on that area yourself ....don't </FONT></DIV> <DIV><FONT face=3DArial size=3D2>take it as gospel that there aren't=20 any. </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>I think sudo is available as both a = sysinstall=20 package & as a port ....... never looked for source=20 </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <BLOCKQUOTE dir=3Dltr=20 style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; = BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px"> <DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV> <DIV=20 style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: = black"><B>From:</B>=20 <A title=3Dres02jw5@gte.net href=3D"mailto:res02jw5@gte.net">Jason = Halbert</A>=20 </DIV> <DIV style=3D"FONT: 10pt arial"><B>To:</B> <A = title=3DJonMS2010@aol.com=20 href=3D"mailto:JonMS2010@aol.com">JonMS2010@aol.com</A> ; <A=20 title=3Ddougy@bryden.apana.org.au=20 = href=3D"mailto:dougy@bryden.apana.org.au">dougy@bryden.apana.org.au</A> = ; <A=20 title=3Dquestions@FreeBSD.ORG=20 href=3D"mailto:questions@FreeBSD.ORG">questions@FreeBSD.ORG</A> </DIV> <DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Wednesday, January 03, = 2001 12:09=20 PM</DIV> <DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: Security = Problem</DIV> <DIV><BR></DIV> <DIV><FONT size=3D2>What is sudo?</FONT></DIV> <DIV><FONT size=3D2>And add host.allow/deny lines to what = exactly?</FONT></DIV> <DIV><FONT size=3D2></FONT> </DIV> <DIV><FONT size=3D2>---</FONT></DIV> <DIV><FONT size=3D2>Jason</FONT></DIV> <DIV><FONT size=3D2><A=20 = href=3D"mailto:jason@jason-n3xt.org">jason@jason-n3xt.org</A></FONT></DIV= > <DIV> </DIV> <BLOCKQUOTE=20 style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; = BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px"> <DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV> <DIV=20 style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: = black"><B>From:</B>=20 <A title=3DJonMS2010@aol.com=20 href=3D"mailto:JonMS2010@aol.com">JonMS2010@aol.com</A> </DIV> <DIV style=3D"FONT: 10pt arial"><B>To:</B> <A = title=3Ddougy@bryden.apana.org.au=20 = href=3D"mailto:dougy@bryden.apana.org.au">dougy@bryden.apana.org.au</A> = ; <A=20 title=3Dres02jw5@gte.net = href=3D"mailto:res02jw5@gte.net">res02jw5@gte.net</A> ;=20 <A title=3Dquestions@freebsd.org=20 href=3D"mailto:questions@freebsd.org">questions@freebsd.org</A> = </DIV> <DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Tuesday, January 02, = 2001 7:40=20 PM</DIV> <DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: Security = Problem</DIV> <DIV><BR></DIV><FONT face=3Darial,helvetica><FONT lang=3D0 = face=3DTahoma size=3D2=20 FAMILY=3D"SANSSERIF">Sudo has several issues security-wise, many of = which are=20 FreeBSD related. <BR>However, I will keep this e-mail in my box and = will=20 send more information <BR>about the security holes, etc. in it when = I find=20 some suitable URL's. -- <BR>Jonathan M. Slivko <BR><BR>-- = <BR>Jonathan M.=20 Slivko <<A = href=3D"mailto:JonMS2010@AOL.COM">JonMS2010@AOL.COM</A>>=20 <BR>Website: <A=20 = href=3D"http://hometown.aol.com/JonMS2010">http://hometown.aol.com/JonMS2= 010</A>=20 <BR>FreeBSD -- The Power To Serve! <BR><BR>"Microsoft? Is that some = kind of=20 toilet paper?" <BR>--</FONT> = </FONT></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML> ------=_NextPart_000_00C8_01C07585.E3E48B80-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00cb01c07532$13c13e60$837e03cb>