Ubuntu Security :: Unflattering Things About Use Of Sudo?

Apr 9, 2010

I just read an article saying some unflattering things about Ubuntu's use of sudo. My question is this true?[URL]..

View 6 Replies


ADVERTISEMENT

Fedora Security :: Cannot Open /var/db/sudo After Sudo Package Upgrade?

Sep 16, 2010

A day ago I finally got around to upgrading the PackageKit installation that had been sitting for a week and a half, so I found a new upgrade for sudo available - the one that gives the sudoreplay command, I forget which version number it is exactly. When I try to use the sudo command I get this notice in my terminal:Code:Can't open /var/db/sudo/me/1: Permission deniedI didn't get it before. What do I have to do to make it open? I'm using SELinux in enforcing mode if that helps.

View 1 Replies View Related

Security :: Get A List Of Basic Things

Mar 29, 2010

I am looking for a basic guide to Linux security. I am assessing a multi-server farm and have very limited experience with Linux. Where can I get a list of basic things I should be looking at from a security standpoint, i.e. ports, vulnerabilities, users, etc? Looking for a checklist I can run through. We are running CentOS Linux 5.0.

View 6 Replies View Related

Fedora Security :: Terminal Equivalent Of "sudo" Is It Still Sudo/KDEsudo

May 29, 2010

I am new to fedora (been using debian based distro's for the longest time). With the new release I decided to give FC13 (The kde 64 bit spin) a try. I told it to wipe my entire hdd and encrypt the partitions. The partition manager made a few LVM partitions which I assume are encrypted.

The problem I am having is that if I attempt to use an application that would normally need root access to run, I am not prompted to enter my root password. Instead, I am required to logout and log back in as root. Is there a way to make it so that FC13 will prompt me to enter in my root password so I do not need to log in and out? Or is there something Different I should have done during the install process? Also, what is the terminal equivalent of "sudo" in fedora, or is it still sudo/KDEsudo

I also have not used SE Linux before. Do I need to manually enforce the permissions for my applications and generate my own profiles for it, or is that done automatically?

View 14 Replies View Related

Programming :: Name Of Formula N Things Out Of Collection Of M Things

Jul 22, 2011

I'm working through some problems in a beginners programming book. The author mentions a formula for calculating the number of ways of picking out n things from a collection of m of them:

Code:
/ m m!
| | = -----------
n / n! (m-n)!
But he does not give a name for the formula. Does anyone happen to know what it is called? I need to do some related research.

View 3 Replies View Related

Ubuntu :: Upgrade Manager Calls These Things "Important Security Upgrades"

Mar 17, 2011

when i got my starling netbook 6 months ago it worked perfectly. due to upgrades since then i now have problems with printing, sound and videos. there are probably solutions to all of these things if i spent hours here on the forum asking questions, and trying different solutions, but it seems like a lot of work.

upgrade manager calls these things "important security upgrades". are they really important to security? would my computer be dangerously vulnerable to attack if i never did an upgrade?

View 8 Replies View Related

Ubuntu Security :: Allow Program To Be Run As Administrator Without Sudo?

Jun 7, 2010

Certain commands like:
fdisk -l
nmap -sT 192.168.0.1/24
iftop

require administrator privileges to run. A while ago i read a post(forgot where i read it) about being able to let a user run these commands in a script (that contains the desired command) created by the administrator/root without the user having to do a sudo and entering a password. Does anyone know how i can go about doing this?

View 3 Replies View Related

Ubuntu Security :: How To Change Sudo Behaviour

Jun 14, 2010

I've enabled root under Ubuntu (i know frowned upon), I'd like to change the default behaviour of sudo so that rather than requesting my password (the password I logon with), it requires the root password.

Have searched the forums but can't find the answer.

View 9 Replies View Related

Ubuntu Security :: Unable To Login Using Su Or Sudo?

Oct 18, 2010

At the terminal prompt, I can't login using su nor sudo. I can only login as root at the dialog level. How do I correct this?

View 6 Replies View Related

Ubuntu Security :: Sudo Su. No Password Needed

Mar 22, 2011

why when I type sudo su in a terminal there's no need to enter my password, I just go straight into root

View 5 Replies View Related

Ubuntu Security :: Sudo Permission Not Being Revoked?

Apr 1, 2011

I am using Ubuntu 10.04-alternate-amd64 for full disk encryption. After getting my updates which i get as soon as they are released. I am getting the issue temp root (sudo) password is not being revoked. After using any app that requires the use of sudo the permission for it does not get removed like it normally does.

I have tried logging out then back in, which usually removes the permission, this no longer works, also tried waiting and even after 1 hour permission still there. The only work around I have found is to use the terminal to execute the required programs then after closing terminal the temp permission is now removed like it should be. This issue has effected all of my systems and a friend of mine as well, (friend uses same distro).

To replicate issue:

1) Boot system.
2) Login.
3) Check for updates or any other app that uses root permission.
4) Logout
5) Login
6) Repeat step 3
7) App will not ask for permission it will use root permission automatically.

View 3 Replies View Related

Ubuntu Security :: Remote Sudo In Natty

May 30, 2011

When I access a remote Natty client using VNC I cannot use the sudo command in a terminal. In fact, the terminal closes itself as soon as I type the sequence sud. Even su d. Or su d.

Sua, su a, su c, su e do not cause the terminal to close itself.

This appears to be some sort of new security "feature".

How do I "work around" it?

[edit]
I'd better elaborate.

I have a remote Natty running 11.04 64-bit desktop version. I have installed tightvncserver on it. I log in on 5901 from a Ubuntu 10.04 64-bit desktop using vinagre. The desktop works fine except when I open a terminal in it and type sud. As soon as I type the d the terminal vanishes. This appears to be a deliberate feature. I also log in to other clients that run 10.04 and this does not happen. I have run Mint 11 in VirtualBox on my local machine and created the same remote desktop and viewed it from mint 11 itself. Same thing happens.

It seems to me that 11.04 has been modified to kill a terminal that is part of a VNC display when sud are typed.

how to remotely administer a 11.04 desktop?

View 2 Replies View Related

Ubuntu Security :: Sudo Chmod 777 - Segmentation Fault

Mar 7, 2010

In a rage of anger against VI I decided to open my firewall config file in gedit, made some changes and was then confronted by the fact that it was read only. I decided to change the permissions for the whole of the /etc folder with:
Code:
sudo chmod 777 /etc/*

This also changed /etc/sudoers so that now whenever I try to use sudo I get the error:
sudo: /etc/sudoers is 0777, should be 0440
segmentation fault
I cannot change it back to 440 because I need sudo to do that.

View 4 Replies View Related

Ubuntu Security :: Sudo User_Alias Referenced But Not Defined?

Sep 3, 2010

I'm trying to configure my SUDO entries, for this I've added the next lines:User_List ADM = usernameADM ALL=(ALL) NOPASSWD: ALLWhen I close and save the file sends me the following warning>>> /etc/sudoers: syntax error near line 12 <<<visudo: Warning: User_Alias `ADM' referenced but not definedhat now?

View 1 Replies View Related

Ubuntu Security :: Automatic Sudo Privilege For Lacie 4L?

Nov 16, 2010

Users of Lacie's 4L which is used to burn labels for your Lightscribe disks, are required to have the app run with sudo privileges, (the command being: gksudo 4L-gui). On an older version of an Ubuntu install, I had it set up so that it did this automatically, without it, (or me), being asked for a password. I thought it was something I added to the sudoers file, to give 4l-gui automatic authority, but I forgot how i did it.

View 2 Replies View Related

Ubuntu Security :: Remove 'sudo' Via The Software Center?

Jul 10, 2011

I've installed Ubuntu via UNetbootin from USB on my child's computer. It comes by default with the sudo command which I find really annoying to work with. I'd rather have my su command.

Now, while googling for a removal instruction, I've read that the sudo command is tied to system functions on some Ubuntu live systems and can't be removed easily. Does anyone know if this applies to the 10.04 live version used by UNetbootin and how to work around this problem?

If not, is it simply enough to remove 'sudo' via the software center? I find many tutorials on how to switch from su to sudo but not much about the other way around.

View 7 Replies View Related

Ubuntu Security :: Sudo Versus SU And Superuser Privileges

Jul 19, 2011

So, I'm not quite sure what the difference is? Is it that sudo allows you to "borrow" superuser privileges, whilst su allows you to actually log in as superuser? Also, when I sudo [command] and get prompted for a password, after I input it, things work just fine, but if I su, and then get prompted for a password, I can't log in as superuser... Why is this?

View 9 Replies View Related

Security :: Cmnd_Alias Entries In Sudo?

Jan 5, 2010

Like many (most?) home users, until now I've had my regular userid in sudoers as "ALL = (ALL) ALL". It occurs to me that, even though my machine has no open ports, this is probably not a good idea - just in case my firewall suddenly burns down. So, if my thinking is right on this, I'm wondering if there is a generally approved list of Cmnd_Alias entries? At this point, I've decided to only add entries as I use them, and to try to honestly appraise my need to do the entry as sudo, vs opening a virtual console as root. My root password is non-trivial.

View 3 Replies View Related

Security :: Using Sudo Instead Of Root Be Safer?

Apr 5, 2011

Consider: [URL]

In security terms, would using sudo instead of root be safer? I'd actually prefer to use this if so; I like sudo an awful lot. (It's Mark Shuttleworth's fault)

View 10 Replies View Related

Security :: Sudo Asking For Password When It Shouldn't?

May 9, 2011

I have a RHEL 5.5 system set up with two users in the sudoers file to run certain commands without a password prompt.I do not have "Defaults requiretty" in the sudoers file.However, for both users, when I issue: sudo -l, it prompts for a password and logs in /var/log/secure:sudo: userx: no tty present and no askpass program specified

View 2 Replies View Related

Security :: Sudo To Disallow Certain Commands?

Jan 10, 2011

trying to devise a new sudoers configuration while building a new SOE and would like to force everyone (including system administrators) to use rootsh in favour of doing things like sudo -s, sudo bash, sudo tcsh and so forth. Effectively, use sudo to use any shell other than rootsh. Is there a way to allow users to run anything they want except shells. I realise this is a default permit which inherently is defective, but I'm not convinced that going through the 1559 executable commands of my (as yet incomplete) built system to decided on the likely 1000+ commands I would want to be genuinely allowed. As I said this is for system administrators first, and I'd like to forcibly instil the habit of sudo <command> or using rootsh to get an audited shell. But I know people are already not doing enough sudo <command> as it stands, rather they switch to bash.

View 7 Replies View Related

Security :: Sudo To Root Without Password?

Jan 26, 2011

We have a couple of clusters that are running Oracle. If you're familiar with Oracle you know that it basically has to be installed as root. Something I detest. anyway, when we are building out the box, we change the root pw and give it to the DBA team to do their installs and configs. When they are done, we change the root pw (and do not give it to them), and configure sudo to allow them the rights needed to manage Oracle and their databases.

Now however, we have a different situation. The DBAs need access to uninstall and reinstall components and make modifications on an ongoing basis. Since we only support OS and hardware, not app, they are requesting permanent root access. I promptly told them no, and the politics ensued. Their manager went to their director, who went to my director, and suddenly an exception is given for his good golfing buddy. So here I am, forced to turn lose DBAs on my clusters with full root access/pw. I need a way to allow specific users (or perhaps a specific user group) the ability to become root WITHOUT sharing the root pw with them.

View 3 Replies View Related

Ubuntu Security :: Which Process Make Sudo Gconftool On Computer

Jan 29, 2010

On my HTPC/Server unbuntu box I have installed logwatch in order to get a daily look on my computer activity.

And I often have this line in the report :

Quote:

root => my_user
-------------
/usr/bin/gconftool - 3 Times.

The corresponding line in auth.log are :

Quote:

./auth.log:Jan 28 07:59:31 sweetBox sudo: root : TTY=unknown ; PWD=/ ; USER=my_user ; COMMAND=/usr/bin/gconftool --get /system/http_proxy/use_http_proxy
./auth.log:Jan 28 07:59:32 sweetBox sudo: root : TTY=unknown ; PWD=/ ;

[Code].....

View 6 Replies View Related

Ubuntu Security :: Sudo Password Necessary For Regular Desktop Users?

Mar 10, 2011

I've set up a user account for friends & colleagues that does NOT require a login password. Unfortunately, in this OS some things don't work unless you login -- sudo Must regular users have AND use Root's password?

View 9 Replies View Related

Security :: Sudo Access For An User To A Script?

Jan 18, 2011

I am trying to get a non-root account on one of our servers to run a script with sudo capability. To that end, I went into the /etc/sudoers file, and added the following syntax:

Code:
## Enable the nagios user to run the check_iptables.sh script as root
nagios ALL=NOPASSWD: /usr/local/nrpe/libexec/check_iptables.sh, /sbin/iptables

I restarted the nagios service, and tested the results. The results were the user account still could not run the script due to the user, nagios, not having permission to run the iptables binary.

Is there another step(s) that I need to take in order to get the sudo access available to the user account?

View 1 Replies View Related

Security :: Sudo Non-user/non-root Password?

Feb 19, 2010

Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.

Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.

View 3 Replies View Related

Security :: SUDO Permission Setup On Particular Dir - Recursive

May 6, 2010

I am looking for a way to setup sudo access for a user, so that he can change permission of all files of the given dir.

eg:

By this user can change ownership of files which are on depth bellow to given dir (i.e /etc/userA-conf/), but while trying to change permission of /etc/userA-conf/../user-conf2 , getting error, user userA don;t have that permission.

Let me know what will be the right regex/pattern to achieve this.

In Solaris it's working fine, but I am trying it on Linux RHEL5.

View 3 Replies View Related

Security :: Take Away Ability Of Using Sudo For Common Users

Mar 9, 2011

I decided to consult you before making any changes, because the clients' PCs are spread all over the country and I do not have the physical access to their boxes.The idea is to take away the ability of using sudo for common users.I know that the syntax of this file may vary a bit in different distributions.Our OS is Ubuntu 10.10.I created the account 'support' for me and other technician stuff of our department. So, 'support' user must have all the power. And common users mustn't have access to 'sudo'. This is the requirement.As far as I remember, in Slackware the user must be a member of 'wheel' group to be able to use 'sudo' (but I may be wrong).

View 3 Replies View Related

Ubuntu Security :: After Booting Up From The Restored Filesystem - Sudo Would No Longer Work

May 28, 2010

I'm having some trouble using sudo - it did work fine, but now when I try to use it, I have the following error:

I understand that I have to modify /etc/sudoers but need to have root access to do this. I am using a bootable USB (lucid) with persistent changes and am unable to login as root, because I don't know the default root password, and am unable to use sudo to change it.

The problem occurred after I had some corruption to the casper file system, so I booted into Windows, moved the casper-rw file to another location on my flashdrive, and used a 1GB backup filesystem to repair the corrupt one using fsck.

After booting up from the restored filesystem, sudo would no longer work.

View 9 Replies View Related

Ubuntu Security :: Patch For Sudo That Allows Sudoers Information To Be Pulled From MySQL?

Apr 12, 2011

This may be a stupid (?) question, but does any one know of a patch for sudo that allows the sudoers information to be pulled from mySQL?
I run multiple servers with multiple people working on them and would like a one-stop update of permissions.
Yes, I could use rsync or the like, but I'm just wondering if this has been done, or could be done.

(Sorry if this is the wrong forum, I'm kinda new around here, posting wise and this seemed to fit. Feel free to move it if it's not)

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved