Date: Sat, 05 May 2001 17:36:23 -0500 From: Laurence Berland <stuyman@confusion.net> To: Sue Blake <sue@welearn.com.au> Cc: Jonathan Fortin <jfortin@akalink.com>, "Jonathan M. Slivko" <jslivko@jeah.net>, freebsd-questions@FreeBSD.ORG Subject: Re: Disabling The Root Account Message-ID: <3AF48067.76ABD833@confusion.net> References: <20010502142336.I30799-100000@awww.jeah.net> <00ba01c0d340$6f1097e0$0200320a@node00> <20010503061301.B6584@welearn.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
But either a) you set your sudo policy once, and never again OR b) your user can edit the sudo policies. If so, they'll just add /bin/sh to the configuration. Or am I missing something? L: Sue Blake wrote: > > On Wed, May 02, 2001 at 03:45:25PM -0400, Jonathan Fortin wrote: > > No. > > What if someone gets a hold of your password, he wouldnt even need root > > password to have root access. he would just call /bin/sh via sudo and bam! > > sudo has it's pros and what you would be doing is a con. > > Well, you do have to understand what you're doing when you configure > sudo and when you dish out privileges, even to yourself. You also > have to change the way personal passwords are treated. Otherwise > don't use sudo, or root for that matter. > > -- > > Regards, > -*Sue*- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Laurence Berland Northwestern '04 stuyman@confusion.net http://www.isp.northwestern.edu/~laurence "The world has turned and left me here" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AF48067.76ABD833>