[juneau-lug] Re: visudo

• From: James Zuelow <e5z8652@xxxxxxxxxx>
• To: juneau-lug@xxxxxxxxxxxxx
• Date: Tue, 03 Feb 2004 16:35:03 -0900

On Tue, 03 Feb 2004 10:27:03 -0900
Stephen <sbodnar@xxxxxxx> wrote:

> The scripts, if I remember correctly, mostly used !/bin/sh but called
> up RCS so the file could only be editted by one session at a time. This
> was to prevent corruption of live system files, but also prevented the
> security problems mentioned above.
> 
> Stephen

System security tricks like that would be an interesting thing to go over at a 
meeting sometime.  I'd like to see someone demo an exploit taking advantage of 
editing /etc/passwd or /etc/sudoers insecurely, and then some ways of 
preventing that aside from "use visudo".  I know that my knowledge in the area 
is really very weak.

Cheers,

James

------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.

• References:
  • [juneau-lug] Re: visudo
    • From: James Zuelow
  • [juneau-lug] Re: visudo
    • From: Jamie
  • [juneau-lug] Re: visudo
    • From: James Zuelow
  • [juneau-lug] Re: visudo
    • From: Stephen

Other related posts:

• » [juneau-lug] visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo
• » [juneau-lug] Re: visudo

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription