Sudoers vulnerability found
-
Here is the brief.
-
That's why best practice is to mount tmp and other file systems that don't contain /dev with nodev. That way someone can't create a fake device.
-
Better switch to Windows!
-
-
I swear we talked about this a week ago.
-
@JaredBusch said in Sudoers vulnerability found:
I swear we talked about this a week ago.
Was it? I may have missed it. If I did, a reminder doesn't hurt.
-
We talked about a similar issue last week. I don't think it was this exact vulnerability... Just like the previous one though this is more of the "If you configure a system incorrectly and give someone sudo access you're going to have a bad day." types of error rather then a full blown security issue.
-
@coliver said in Sudoers vulnerability found:
We talked about a similar issue last week. I don't think it was this exact vulnerability... Just like the previous one though this is more of the "If you configure a system incorrectly and give someone sudo access you're going to have a bad day." types of error rather then a full blown security issue.
Ah, ok. But yeah, if you give someone sudo, you are already trusting them to not fuck up your system.