| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
|
| 5 |
Correct me if I'm wrong, but wouldn't one of the main points of running |
| 6 |
SELinux be to get away from the "root" user and su/sudo/setuid/setgid? |
| 7 |
I'd think one could edit /etc/fstab if the role permitted it... why not |
| 8 |
configure a role to allow editing of [certain] system files? |
| 9 |
|
| 10 |
|
| 11 |
Public GPG/PGP key for Brant Williams: 0x88E1AA9E. |
| 12 |
Available at your friendly local public keyserver. |
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
On Sun, 10 Jun 2007, Krzysztof Koz~Bowski wrote: |
| 17 |
|
| 18 |
> Petre Rodan wrote: |
| 19 |
> > - you're opening up a pandora's box here because I'm sure one can be very imaginative of what can be run thru sudo and not be allowed by the policy |
| 20 |
> So you are saying that with "su" the sysadmin cannot run all possible |
| 21 |
> commands? For example - I have to edit /etc/fstab. So I have two choices: |
| 22 |
> $ newrole -r sysadm |
| 23 |
> $ su - |
| 24 |
> # vi /etc/fstab |
| 25 |
> (or "$ su - -c 'vi /etc/fstab'") |
| 26 |
> or |
| 27 |
> $ newrole -r sysadm // or something else |
| 28 |
> $ sudo vi /etc/fstab |
| 29 |
> |
| 30 |
> And the first choice is better from security point of view? For me it looks |
| 31 |
> like that policies for "su" and "sudo" will be similar in such examples. Am I |
| 32 |
> wrong? Is there another /better/ way for running one command as root? |
| 33 |
> |
| 34 |
> |
| 35 |
> > - a misconfigured or broken sudo greatly weakens the security of a system by possibly allowing privilege escalation, so why even install it? |
| 36 |
> One simple reason is that it is an easy way to log root commands (when of |
| 37 |
> course the sysadmin wants it to be logged, e.g. he don't type "sudo bash" or |
| 38 |
> something). |
| 39 |
> |
| 40 |
> |
| 41 |
> |
| 42 |
> |
| 43 |
> -- |
| 44 |
> Krzysztof Kozłowski |
| 45 |
> http://www.kozik.net.pl |
| 46 |
> |
| 47 |
> |
| 48 |
> -- |
| 49 |
> gentoo-hardened@g.o mailing list |
| 50 |
> |
| 51 |
> |
| 52 |
-----BEGIN PGP SIGNATURE----- |
| 53 |
Version: GnuPG v1.4.7 (GNU/Linux) |
| 54 |
|
| 55 |
iD8DBQFGbJosYfOV94jhqp4RAp/AAJ9itE2QJkxTd8kc8u2CIzqt7k/suACdHeet |
| 56 |
pt+15Q/uORMUYrFrQq7Sv5M= |
| 57 |
=houh |
| 58 |
-----END PGP SIGNATURE----- |
Archives