[Labs-l] Passwordless sudo on all instances

Damian Zaremba damian at damianzaremba.co.uk
Fri Jan 25 12:42:57 UTC 2013

Previous message: [Labs-l] Passwordless sudo on all instances
Next message: [Labs-l] New project request: OxygenGuide (Wikivoyage datadump transformation every 10 days)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 25/01/2013 08:15, Petr Bena wrote:
> Why renaming ALL?
>
ALL is all users, including local (system) users - if ALL are allowed to 
run all commands, passwordless you can get into cases where a web 
exploit suddenly has full root access to the box via the apache or 
nobody account.

- Damian

Previous message: [Labs-l] Passwordless sudo on all instances
Next message: [Labs-l] New project request: OxygenGuide (Wikivoyage datadump transformation every 10 days)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Labs-l mailing list