Re: sudo & wheel group

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Chris <atstake@...>

To: Aaron W. Hsu <arcfide@...>

Cc: <misc@...>

Subject: Re: sudo & wheel group

Date: Sunday, September 16, 2007 - 3:14 am

On 9/16/07, Aaron W. Hsu wrote:

quoted text

> What exactly are you trying to enable users to do? The fact that you need to
> provide normal users with these kind of privileges indicates a possible flaw
> in your overall scheme. You may find that, after careful reconsideration,
> there are precious few commands that you would actually have to allow the
> users to run with superuser privileges.

So what's the "ideal" way to do things? Adding joeuser in the wheel
group and then add - joeuser ALL=(ALL) ALL in sudoers? And when the
joeuser account gets cracked, the cracker would be able to run
privileged commands? That defies the whole purpose. The other
possibility is to login as root (when are where needed, that is) and
do what is required. But afterboot(8) doesn't recommend that as an
option.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

sudo & wheel group, Chris, (Sat Sep 15, 9:47 pm)

Re: sudo & wheel group, Nick Guenther, (Sun Sep 16, 1:13 am)

Re: sudo & wheel group, Lars Noodén, (Sun Sep 16, 3:58 am)

Re: sudo & wheel group , Aaron W. Hsu, (Sat Sep 15, 10:16 pm)

Re: sudo & wheel group , Matthew Szudzik, (Sun Sep 16, 10:33 pm)

Re: sudo & wheel group , Woodchuck, (Mon Sep 17, 11:54 am)

Re: sudo & wheel group , Antoine Jacoutot, (Mon Sep 17, 2:17 am)

Re: sudo & wheel group, Clint Pachl, (Mon Sep 17, 2:57 am)

Re: sudo & wheel group, Paul de Weerd, (Mon Sep 17, 9:41 am)

Re: sudo & wheel group, Matthew Szudzik, (Mon Sep 17, 9:52 am)

Re: sudo & wheel group, Gilles Chehade, (Mon Sep 17, 4:28 am)

Re: sudo & wheel group, Stuart Henderson, (Mon Sep 17, 10:08 am)

Re: sudo & wheel group, Henning Brauer, (Mon Sep 17, 5:34 am)

Re: sudo & wheel group, Chris, (Sun Sep 16, 3:14 am)

Re: sudo & wheel group, Rob, (Sun Sep 16, 4:18 am)

Re: sudo & wheel group, Alexander Hall, (Sun Sep 16, 3:43 am)

Re: sudo & wheel group, Ted Unangst, (Sun Sep 16, 1:26 pm)

Re: sudo & wheel group , Aaron W. Hsu, (Sun Sep 16, 1:16 pm)

Re: sudo & wheel group, Darrin Chandler, (Sun Sep 16, 10:16 am)

Re: sudo & wheel group, Chris, (Mon Sep 17, 3:51 am)

Re: sudo & wheel group, Keith Richardson, (Mon Sep 17, 2:13 pm)

Re: sudo & wheel group , Aaron W. Hsu, (Mon Sep 17, 12:06 pm)

Re: sudo & wheel group, James Hartley, (Mon Sep 17, 11:33 am)

Re: sudo & wheel group, Woodchuck, (Mon Sep 17, 10:49 am)

Re: : sudo & wheel group, Raimo Niskanen, (Tue Sep 18, 3:43 am)


linux-kernel:
Greg Kroah-Hartman	[PATCH 005/196] Chinese: add translation of SubmittingDrivers
david	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Andrew Morton	Re: PROBLEM: high load average when idle
Karl Meyer	PROBLEM: 2.6.23-rc "NETDEV WATCHDOG: eth0: transmit timed out"
git:

linux-netdev:
Evgeniy Polyakov	Mark IPW2100 as BROKEN: Fatal interrupt. Scheduling firmware restart.
Jarek Poplawski	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 28/37] dccp: Integration of dynamic feature activation - part 3 (client side)
David Miller	[GIT]: Networking
openbsd-misc:

Re: sudo & wheel group

Online users