If you configure sudo to let them create new users, what prevents them
from creating a new user with UID=0? Let me guess that linuxconf and
the rest of such administrative tools have been designed to be run by
root, and, as such, haven't undergone the kind of security audit that
would let you be confident that they couldn't be leveraged into wider
access. You're root already, why do you need to be protected against
yourself?
Sudo is great for keeping honest folks honest, and its logs help you
find the folks responsible for things so you can ask the right person
why they did such-and-such and suggest alternatives. As a security
tool, it's only strong against the unsophisticated, i.e., not strong at
all.
- Stephen
On 14 Jun, Nitebirdz wrote:
> On Mon, 12 Jun 2000, John Summerfield wrote:
>
>>
>> On Standard RHL, one has to be root to create a user.
>> Being root, one can also read/write any file on the system, install new
>> software, reconfigure sendmail.
>>
>> As a professional maintaining Linux systems, I'd not want this.
>>
>> If sudo allows me to partition these responsibilities and delegate them to
>> separate areas, then it probably fixes the problem.
>>
>> PAM is not the right way to go; programs should not have to have this kind
>> of security built into them.
>>
>
> Oh, if that is what you need then sudo will do it for you. Just add the
> usernames to the /etc/sudoers file, and also specify there which commands
> they are allowed to run. They will then be able to run the commands to add
> new users to the system (for example), and whatever they do will also be
> logged into /var/log/messages.
>
> --
> Nitebirdz
> http://www.linuxnovice.org
> Tips, articles, news, links...
>
--
Find my public key at http://pgp5.ai.mit.edu
Key fingerprint = E1 B6 97 1B 96 9F A1 D1 77 09 AA 90 4B 0F 91 CC
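The UID 0 concern raised in the reply above, as an added example that is not part of the original thread: a hypothetical wrapper that a sudoers rule could name instead of useradd itself, accepting only a login name, plus a check for non-root UID 0 entries in passwd-format data. The function names and sample lines are constructed, and the wrapper prints the useradd command rather than running it so it can be exercised without root.

```shell
#!/bin/sh
# Added example (hypothetical names, not from the thread).
# Idea: the delegate is granted this wrapper, never useradd directly, so
# options such as -u 0, -o, -g or -G are not theirs to pass.

# valid_login NAME: succeed only for a conservative login-name pattern.
valid_login() {
    case "$1" in
        ''|-*|*[!a-z0-9_-]*) return 1 ;;  # empty, option-like, or odd characters
        [a-z_]*) ;;                       # must start with a letter or underscore
        *) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# build_useradd_cmd ARGS...: print the one command the wrapper would run.
# Exactly one argument is accepted; "--" stops useradd parsing it as an option.
build_useradd_cmd() {
    [ "$#" -eq 1 ] || { echo "usage: adduser-wrapper LOGIN" >&2; return 2; }
    valid_login "$1" || { echo "rejected login name: $1" >&2; return 1; }
    printf 'useradd -m -- %s\n' "$1"
}

# uid0_accounts [FILE]: print every non-root name whose UID field is 0.
# Reads passwd-format lines from FILE, or from stdin when no file is given.
uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$@"
}

# Constructed passwd-format sample; "toor" is the kind of entry to look for.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
toor:x:0:0::/root:/bin/sh
EOF
}

sample_passwd | uid0_accounts
build_useradd_cmd bob
```

This narrows only the one path named in the message; whatever else the sudoers file grants still needs the same scrutiny.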