Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] [Slugnet] Fwd: Re: [linuxNUS] Possible HUGE SecurityFlaw in Ubuntu Breezy (and maybe other versions)
- Date: Tue, 14 Mar 2006 01:47:54 +0800
- From: "Fabrice A. Marie" <fabrice.marie@example.com>
- Subject: Re: [tlug] [Slugnet] Fwd: Re: [linuxNUS] Possible HUGE SecurityFlaw in Ubuntu Breezy (and maybe other versions)
- References: <20060313165042.22809.qmail@example.com><960920f90603130853o1dfed93fpb91601820f9a5d5a@example.com>
- User-agent: Thunderbird 1.5 (Windows/20051201)
Anshul Nigham wrote: > This is precisely why I distrust distros that don't have a separate > root account. The thing is, this was a user password with sudo > privileges so it wasn't quite taken care of well. If you have an > exclusive ROOT account, developers tend to be more careful. Agreed about sudo. sudo is the number one installed facility that I will use while trying to escalate my privileges on a compromised box. Why ? Simply because it's almost never configured the proper way. Remember the proper/trivial security method: 1- deny everything 2- allow only what you really need well that thing is never done by admins when they use sudo, which makes it a prime suspect when attacking. In other words, if you are using sudo, quickly go to carefully review your sudoer.conf and make sure that you allow only what you need. Have a nice day, Fabrice. -- Fabrice A. MARIE FMA Risk Management Solutions http://www.fma-rms.com/
- References:
- Prev by Date: Re: [tlug] LC_CTYPE
- Next by Date: Re: [tlug] LC_CTYPE
- Previous by thread: [tlug] Ubuntu Security Blunder and Poor Post
- Next by thread: Re: [tlug] Fwd: Re: [linuxNUS] Possible HUGE Security Flaw inUbuntu Breezy (and maybe other versions)
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |