List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
> That means I have to either give my staff sudo access to use
> traceroute, when I want them to be able to use it to diagnose
> network problems. And set up in this same "security mindset", sudo
> will require a password upon execution.
Not necessarily so. You can have sudo not request a password by using
NOPASSWD in the sudoers file.
> A (imho) better solution would be to perhaps do a 4750 by default,
> and give it to a specific group, say "staff" or the like, this way I
> can add my staff to that particular group once, and not have to muck
> permissions everytime a new release of traceroute comes out.
Being paranoid about my machine and giving out shell access to various users
I restricted my traceroute/ping/nmap access. Here is my sudoers:
root ALL=(ALL) ALL
user1 ALL=(ALL) ALL
user2 ALL=(ALL) ALL
user3 ALL=(ALL) ALL
I require my users to put in thier passwords because I can't stop them from
walking away from thier terminals unattended. If you wanted it so that they
would not get prompted for thier passwords you could put:
user4 ALL= NOPASSWD: NMAP,TRPNG
I personally like sudo because it makes people accountable for thier
> $.02 + $.02 makes $.04, I should get an old top hat to collect the
Does that make $.06?
email@example.com mailing list