Date: Wed, 3 Jan 2001 13:05:48 +1000 From: "Doug Young" <dougy@bryden.apana.org.au> To: "Jason Halbert" <res02jw5@gte.net>, <JonMS2010@aol.com>, <questions@FreeBSD.ORG> Subject: Re: Security Problem Message-ID: <00cb01c07532$13c13e60$837e03cb@dougy> References: <62.aa1e4b9.2783dd01@aol.com> <009101c0752a$3e873b20$566933d8@xps>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
------=_NextPart_000_00C8_01C07585.E3E48B80
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sudo is an application that allows a sysadmin to give a user access to =
selected commands.
It does not require granting full "su" rights in order to allow a user =
to run something normally=20
run as "root". I've not heard of any security "features" but check on =
that area yourself ....don't=20
take it as gospel that there aren't any.=20
I think sudo is available as both a sysinstall package & as a port =
....... never looked for source =20
----- Original Message -----=20
From: Jason Halbert=20
To: JonMS2010@aol.com ; dougy@bryden.apana.org.au ; =
questions@FreeBSD.ORG=20
Sent: Wednesday, January 03, 2001 12:09 PM
Subject: Re: Security Problem
What is sudo?
And add host.allow/deny lines to what exactly?
---
Jason
jason@jason-n3xt.org
----- Original Message -----=20
From: JonMS2010@aol.com=20
To: dougy@bryden.apana.org.au ; res02jw5@gte.net ; =
questions@freebsd.org=20
Sent: Tuesday, January 02, 2001 7:40 PM
Subject: Re: Security Problem
Sudo has several issues security-wise, many of which are FreeBSD =
related.=20
However, I will keep this e-mail in my box and will send more =
information=20
about the security holes, etc. in it when I find some suitable =
URL's. --=20
Jonathan M. Slivko=20
--=20
Jonathan M. Slivko <JonMS2010@AOL.COM>=20
Website: http://hometown.aol.com/JonMS2010=20
FreeBSD -- The Power To Serve!=20
"Microsoft? Is that some kind of toilet paper?"=20
--=20
------=_NextPart_000_00C8_01C07585.E3E48B80
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Sudo is an application that allows a =
sysadmin to=20
give a user access to selected commands.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>It does not require granting full "su" =
rights in=20
order to allow a user to run something normally </FONT></DIV>
<DIV><FONT face=3DArial size=3D2>run as "root". I've not heard of =
any security=20
"features" but check on that area yourself ....don't </FONT></DIV>
<DIV><FONT face=3DArial size=3D2>take it as gospel that there aren't=20
any. </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I think sudo is available as both a =
sysinstall=20
package & as a port ....... never looked for source=20
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dres02jw5@gte.net href=3D"mailto:res02jw5@gte.net">Jason =
Halbert</A>=20
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3DJonMS2010@aol.com=20
href=3D"mailto:JonMS2010@aol.com">JonMS2010@aol.com</A> ; <A=20
title=3Ddougy@bryden.apana.org.au=20
=
href=3D"mailto:dougy@bryden.apana.org.au">dougy@bryden.apana.org.au</A> =
; <A=20
title=3Dquestions@FreeBSD.ORG=20
href=3D"mailto:questions@FreeBSD.ORG">questions@FreeBSD.ORG</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Wednesday, January 03, =
2001 12:09=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: Security =
Problem</DIV>
<DIV><BR></DIV>
<DIV><FONT size=3D2>What is sudo?</FONT></DIV>
<DIV><FONT size=3D2>And add host.allow/deny lines to what =
exactly?</FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<DIV><FONT size=3D2>---</FONT></DIV>
<DIV><FONT size=3D2>Jason</FONT></DIV>
<DIV><FONT size=3D2><A=20
=
href=3D"mailto:jason@jason-n3xt.org">jason@jason-n3xt.org</A></FONT></DIV=
>
<DIV> </DIV>
<BLOCKQUOTE=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3DJonMS2010@aol.com=20
href=3D"mailto:JonMS2010@aol.com">JonMS2010@aol.com</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Ddougy@bryden.apana.org.au=20
=
href=3D"mailto:dougy@bryden.apana.org.au">dougy@bryden.apana.org.au</A> =
; <A=20
title=3Dres02jw5@gte.net =
href=3D"mailto:res02jw5@gte.net">res02jw5@gte.net</A> ;=20
<A title=3Dquestions@freebsd.org=20
href=3D"mailto:questions@freebsd.org">questions@freebsd.org</A> =
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Tuesday, January 02, =
2001 7:40=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: Security =
Problem</DIV>
<DIV><BR></DIV><FONT face=3Darial,helvetica><FONT lang=3D0 =
face=3DTahoma size=3D2=20
FAMILY=3D"SANSSERIF">Sudo has several issues security-wise, many of =
which are=20
FreeBSD related. <BR>However, I will keep this e-mail in my box and =
will=20
send more information <BR>about the security holes, etc. in it when =
I find=20
some suitable URL's. -- <BR>Jonathan M. Slivko <BR><BR>-- =
<BR>Jonathan M.=20
Slivko <<A =
href=3D"mailto:JonMS2010@AOL.COM">JonMS2010@AOL.COM</A>>=20
<BR>Website: <A=20
=
href=3D"http://hometown.aol.com/JonMS2010">http://hometown.aol.com/JonMS2=
010</A>=20
<BR>FreeBSD -- The Power To Serve! <BR><BR>"Microsoft? Is that some =
kind of=20
toilet paper?" <BR>--</FONT> =
</FONT></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_00C8_01C07585.E3E48B80--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00cb01c07532$13c13e60$837e03cb>