Date: Thu, 25 Mar 1999 12:44:03 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: bmah@CA.Sandia.GOV (Bruce A. Mah) Cc: freebsd-security@FreeBSD.ORG Subject: Re: sudo (was Re: Kerberos vs SSH) Message-ID: <199903252044.MAA02527@apollo.backplane.com> References: <199903252032.MAA25377@stennis.ca.sandia.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:> We used sudo for a little while 3 years ago, but I decided that it was
:> too big a security risk and wiped it. sudo is one of the stupidest
:> programs I've ever seen.
:
:I'd be curious to hear what you think sudo's shortcomings are, and why it
:merits being labeled as one of the stupidest programs you've ever seen?
:
:Bruce.
Simple: Because the program is designed to poke holes through root and
run specified programs. It's fairly easy to misconfigure it, and there is
no guarentee that the programs it runs are themselves secure. sudo opens
up a whole can of potential security problems.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903252044.MAA02527>