Re: [SLE] sux vs. xhost (WAS: Re: [SLE] Xlib)

From: Ben Rosenberg (ben_at_whack.org)
Date: 03/01/04

    Date: Mon, 1 Mar 2004 13:53:29 -0800
    To: suse-linux-e@suse.com
    
    

    * Paul W. Abrahams (abrahams@acm.org) [040301 13:41]:
    >On Monday 01 March 2004 3:42 pm, Patrick Shanahan wrote:
    >
    >> sudo _should_not_ allow you to operate root priv w/o password unless
    >> you have specifically altered /etc/sudoers. And if you did, you
    >> apparently do not care about security.

    It's not that one doesn't care about security. I for one don't like
    logging in as root, and what if a cracker got in and replaced su or sux
    with something they wrote? How would you know? You wouldn't unless you
    had tripwire or something else. I have NO ONE in my /etc/sudoers file
    except myself and the entry is as follows....

    ben ALL=(ALL) NOPASSWD:ALL

    This lets me do things like " sudo yast2 " and run it in X so that I can
    do what I need to do and as soon as the program exits ..poof..
    everything is back to normal user.

    So if you're trying to display programs and such remotely, why not do it
    through an ssh tunnel?

    >Things like email viruses are another matter, but so far the virus writers
    >don't seem to consider Linux mailers a worthwhile target.

    This is true...because Mutt had a security issue not so long ago that
    would have been a nice target for script kiddies. But then again people
    who use mutt aren't easy to social engineer to just fire off anything at
    will. :)

    -- 
    Linux User #147972 ---===--- mailto:ben@whack.org
    -- 
    "There is no need to teach that stars can fall out of the sky
    and land on a flat Earth in order to defend religious faith." 
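
An added example, not part of the message above or of the list archive: a small auditor that reads sudoers text and reports every rule carrying NOPASSWD, separating the unrestricted form quoted in the message (`NOPASSWD:ALL`) from rules limited to named commands. The sample file, the users alice, bob and %wheel, and the command paths are constructed assumptions; the parser handles only plain user rules, comments and line continuations, not includes or alias expansion.

```python
import re

# Constructed sample, not taken from any real host. The "ben" rule is the
# entry quoted in the message; every other line is a hypothetical comparison.
SAMPLE = """\
# /etc/sudoers (constructed sample)
Defaults env_reset
ben ALL=(ALL) NOPASSWD:ALL
alice ALL=(root) NOPASSWD: /sbin/yast2, \\
        /sbin/SuSEconfig
bob ALL=(ALL) ALL
%wheel ALL=(ALL) NOPASSWD: ALL
"""

# user-or-group, host list, "=", then the runas/tag/command part
RULE = re.compile(r"^(?P<who>\S+)\s+(?P<hosts>[^=\s]+)\s*=\s*(?P<rest>.+)$")


def logical_lines(text):
    """Join backslash-continued lines, then drop comments and blank lines."""
    joined = re.sub(r"\\\n\s*", " ", text)
    for line in joined.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line


def audit(text):
    """Return (who, severity, commands) for every rule tagged NOPASSWD."""
    findings = []
    for line in logical_lines(text):
        m = RULE.match(line)
        if not m or m["who"] == "Defaults" or m["who"].endswith("_Alias"):
            continue
        rest = re.sub(r"^\([^)]*\)\s*", "", m["rest"])  # strip the (runas) spec
        if not rest.startswith("NOPASSWD:"):
            continue  # rule still asks for a password
        cmds = [c.strip() for c in rest[len("NOPASSWD:"):].split(",")]
        severity = "unrestricted" if "ALL" in cmds else "restricted"
        findings.append((m["who"], severity, cmds))
    return findings


if __name__ == "__main__":
    for who, severity, cmds in audit(SAMPLE):
        print(f"{who:8} {severity:12} {', '.join(cmds)}")
```
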