Questions tagged [sudoers]
5 questions
5
votes
1 answer
Is explicitly disabling a default in the sudoers file the same as not listing it at all?
I'm reviewing the /etc/sudoers file on a machine in response to CVE-2019-18634, a buffer-overflow vulnerability present in sudo. The bulletin on the sudo.ws website recommends the following mitigation:
If the sudoers file has pwfeedback enabled,…
Joshua Murphy
- 146
- 16
2
votes
1 answer
Linux access control policies sudoers
I'm learning about linux hardening and I'm creating a sudoers file. My idea is to separate things. There will be a user to see log files, another that can sudo to manage system processes, another for network managements, and so on and so forth. Is…
guu1
- 21
- 1
1
vote
1 answer
Shell escaping vs. /etc/sudoers. What's the difference?
I am trying to grasp some basic principles of security in Linux (I used Centos 8.0 and Kali 2020 in the example below).
I found that providing you have an account in a particular system that is in the /et/sudoers and its entry is ALL=(ALL) you can…
lord_sommersby
- 11
- 1
1
vote
1 answer
Is it good or bad to use group in sudoers file instead of using aliases?
I have used user groups heavily while designing access control policies. I find user groups very convenient as it's very easy to implement with PAM.
Another reason I have organized the users with various groups is to implement (minimal) RBAC. But…
arif
- 1,088
- 13
- 24
0
votes
1 answer
security difference between sudo make install versus sudo su make install
Is there a security difference between doing
sudo make install
versus two step
sudo su
and then typing
make install
The reason I'm asking is because a security requirement to install some software says you must type exactly 'make install' (not…
user1709076
- 149
- 7