SLUG Mailing List Archives

To: slug@xxxxxxxxxxx
Subject: Re: [SLUG] sudo command over ssh - pasword echo
From: Simon Wong <linux@xxxxxxxxx>
Date: Thu, 20 Apr 2006 11:57:50 +1000

On Thu, 2006-04-20 at 11:36 +1000, James Gray wrote:
> Just because a user can "sudo" doesn't mean they can "sudo <anything>".  You 
> *can* restrict users to only being able to sudo a very specific set of 
> commands and then even restrict further to options passed to those commands.  

Yeah I know, it's one of those mornings where a growing list of
"problems" was making me avoid having to do more :-(

> > yep, trying to script it :-)
> 
> Bummer - not really an option then.

well, I don't have a big problem doing some of this manually as long as
I can streamline it a bit.  I'd like to keep good control over what's
happening with package updates especially.

> Double up the security: restrict allowed users AND use key-based auth. :)

Agreed, I've learnt a bit about that the hard way recently :-(


-- 
Simon Wong <linux@xxxxxxxxx>

References:
- [SLUG] sudo command over ssh - pasword echo
  - From: Simon Wong
- Re: [SLUG] sudo command over ssh - pasword echo
  - From: James Gray
- Re: [SLUG] sudo command over ssh - pasword echo
  - From: Simon Wong
- Re: [SLUG] sudo command over ssh - pasword echo
  - From: James Gray

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] Invalid credentials error code 49
Next by Date: Re: [SLUG] sudo command over ssh - pasword echo
Previous by thread: Re: [SLUG] sudo command over ssh - pasword echo
Next by thread: [SLUG] Ldap error

Re: [SLUG] sudo command over ssh - pasword echo