Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] [Slugnet] Fwd: Re: [linuxNUS] Possible HUGE SecurityFlaw in Ubuntu Breezy (and maybe other versions)

Anshul Nigham wrote:
> This is precisely why I distrust distros that don't have a separate
> root account. The thing is, this was a user password with sudo
> privileges so it wasn't quite taken care of well. If you have an
> exclusive ROOT account, developers tend to be more careful.

Agreed about sudo.

sudo is the number one installed facility that I will use while trying
to escalate my privileges
on a compromised box. Why ? Simply because it's almost never configured
the proper way.
Remember the proper/trivial security method:
1- deny everything
2- allow only what you really need
well that thing is never done by admins when they use sudo, which makes it a
prime suspect when attacking.
In other words, if you are using sudo, quickly go to carefully review
your sudoer.conf
and make sure that you allow only what you need.

Have a nice day,


Fabrice A. MARIE
FMA Risk Management Solutions

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links