Is there an advantage to using sudo over suauth? I hadnt considered
this particular scenario, but I think I will from now on...
On Wed, 23 Mar 2005 14:26:26 -0500, Vladamir
<wireless.insecurity_at_gmail.com> wrote:
> Yes, if the user has full root access and is compromised, the attacker
> will have full root access (the system doesn't know the difference
> between people unless you're using BioMetrics :) )
>
> As for allowing a time limit..
> IIRC the way to do it is:
>
> timestamp_timeout= <timeout limit>
>
> Tahis Vera wrote:
> > Hi all,
> > I have two quick questions related to the 'sudo' command;
> > putting a certain user Mr.X with ALL=(ALL)ALL permissions in the
> > sudoers file, gives him COMPLETE root previleges? In other words, if I
> > want that some people, for security reasons, stop using the root
> > account/password for accessing the servers, by crating a sudo user
> > with ALL previledges will decrease this risk? If this sudo account is
> > compromised, will the cracker have COMPLETE root previleges?
>
> > The other questions is how to set the time (in sudoers file) for the
> > user to work with sudo, without having to write the password (let's
> > say that I want to work for 20 minutes without having to write the
> > password again)
> >
> > regards
> >
> > Tahis
> >
>
Received on Mar 25 2005
Intro
