public inbox for overseers@sourceware.org
From: Andrew Cagney <ac131313@cygnus.com>
To: tromey@cygnus.com
Cc: Overseers List <overseers@sourceware.cygnus.com>
Subject: Re: sudo again
Date: Sat, 30 Dec 2000 06:08:00 -0000
Message-ID: <39A4C826.6424DA13@cygnus.com>
In-Reply-To: <874s4fepvo.fsf@creche.i-did-not-set--mail-host-address--so-shoot-me>

Tom Tromey wrote:
> 
> Chris pointed out to me that I installed sudo but didn't test it, and
> it didn't work.  I looked into it.  It fails because none of us have
> passwords on sourceware.  This confuses PAM.
> 
> Fine.  I looked into making it use our kerberos passwords, but we
> don't have the krb4 PAM module installed (and don't we use krb5
> anyway?).  So I made it `promiscuous'.  This means that if you are
> listed in the sudoers file you won't need to use a password to use
> sudo.
> 
> Maybe this is lame and dangerous (?).  Another choice would be to give
> all the sudoers a real password.  That's an easy change to make: just
> revert my change in /etc/pam.d/sudo and tell the list (or ask me to do
> it).

First random thought.  What could go wrong.  I use it here....

Second random thought.  The moment the user has to perform
authentication (enter their password) while logged into sourceware,
you've got the makings of a security problem.  SUDO becomes an obvious
point of attack - capture those passwords.  The fewer authentication
mechanisms on the machine the better. Can what you want be achieved
using just SSH?

With respect to promiscuous being lame or dangerous: SUDO will make
little difference.  Going from a normal user will take 10 seconds
instead of 5.

	Andrew
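The thread turns on what the /etc/pam.d/sudo auth stack asks for. As an added example (not code from either poster), this shell function audits a PAM service file for an auth stack that can pass without any credential check; it assumes the "promiscuous" edit was an `auth sufficient pam_permit.so` line, which the thread does not actually show, and the sample files are constructed here.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a PAM service file such as
# /etc/pam.d/sudo for an auth stack that can succeed without checking any
# credential. Tom's actual edit is not shown above; this assumes the
# "promiscuous" variant was an "auth sufficient pam_permit.so" line.

# pam_auth_is_promiscuous FILE
#   returns 0 if the auth stack can pass without a credential-checking module,
#   1 if a required/requisite check gates it, 2 if FILE is unreadable.
pam_auth_is_promiscuous() {
    [ -r "$1" ] || return 2
    awk '
        /^[[:space:]]*(#|$)/ { next }    # comments and blank lines
        $1 != "auth"         { next }    # only the auth management group
        {
            ctrl = $2; mod = $3
            # include/substack defer to another file: count it as a real gate.
            if (ctrl == "include" || ctrl == "substack") { checks++; gates++; next }
            if (mod ~ /pam_permit\.so$/) {
                # sufficient short-circuits the stack, but an earlier required
                # failure still wins, so only an ungated permit lets everyone in.
                if (ctrl == "sufficient" && gates == 0) shortcut = 1
                next
            }
            # pam_env / pam_nologin do not verify the caller.
            if (mod ~ /pam_(env|nologin)\.so$/) next
            checks++
            if (ctrl == "required" || ctrl == "requisite") gates++
        }
        END { exit ((shortcut || checks == 0) ? 0 : 1) }
    ' "$1"
}

# Constructed sample files standing in for /etc/pam.d/sudo (not sourceware's).
promisc_cfg=$(mktemp)
printf '%s\n' 'auth     sufficient pam_permit.so' \
              'account  required   pam_unix.so' > "$promisc_cfg"
strict_cfg=$(mktemp)
printf '%s\n' 'auth     required   pam_unix.so' \
              'auth     sufficient pam_permit.so' \
              'account  required   pam_unix.so' > "$strict_cfg"

for f in "$promisc_cfg" "$strict_cfg"; do
    if pam_auth_is_promiscuous "$f"; then
        echo "$f: no credential needed to pass auth (promiscuous)"
    else
        echo "$f: auth gated by a credential check"
    fi
done
```

Run it against the real /etc/pam.d/sudo on a host to see which side of Andrew's trade-off that machine is currently on.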
