JP Vossen on 14 Dec 2007 18:54:02 -0000



Re: [PLUG] AV software for Linux (sudo)


Date: Fri, 14 Dec 2007 09:13:06 -0500
From: "Steve Morgan" <stevem.firefly@gmail.com>
Subject: Re: [PLUG] AV software for Linux
>
No, still use sudo.  You can set up the sudoers file in two different
ways:  A) the user can type in sudo <command> and it gets executed
right away (like how it is set up default in Ubuntu), or B) the user
can type in sudo <command> and it will prompt for their own password
before execution.  The theoretical viruses will have no idea what the
user's own password is and therefore would not be able to execute the
command.  Do indeed use sudo, but have it require their password to
execute anything when attempting to execute a command with sudo.

I'm not sure if the OP is interested in this granularity, but FYI you can also set up the sudoers file to:
	* Only allow certain users to sudo
	* Only allow certain users to sudo using certain commands
	* Many combinations and variations of the above

'man sudoers' has the details, which I admit look a little hairy at first glance. It's actually easier than it looks (kinda), and there are lots of examples on the 'Net.

Having said all of that, one of the tricky things with trying to restrict users is that many tools have a way to "shell out" and get a command prompt. So if I do not allow you to sudo foo, but I do allow you to sudo vi, you can sudo vi, shell out and run foo anyway. This is probably starting to get out-of-scope, but just in case. Sudo is a GREAT tool, but doing more than a binary root/not-root isn't trivial.

Later,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
Microsoft has single-handedly nullified Moore's Law.
Innate design flaws of Windows make a personal firewall, anti-virus
and anti-malware software mandatory. The resulting software arms race
has effectively flattened Moore's Law on hardware running Windows.
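
Added example, not part of the original post or of sudo itself: a small audit of sudoers-style lines for the two points raised in this thread, entries that skip the password prompt (NOPASSWD) and allowed commands that can shell out. The user names, paths, the SHELL_CAPABLE list and the audit() helper are assumptions made for illustration, and the parser only handles simple one-line user specifications.

```python
import re

# Programs widely known to offer a shell escape or run other commands
# (illustrative subset chosen for this example, not an exhaustive list).
SHELL_CAPABLE = {"vi", "vim", "less", "more", "man", "ed", "awk", "find"}
TAG = re.compile(r"^([A-Z_]+):\s*")

# Constructed sample policy; user names and paths are made up.
SAMPLE = """\
# constructed sudoers fragment
alice ALL=(ALL) NOPASSWD: ALL
bob   ALL=(root) /usr/bin/vi, /usr/sbin/service
carol ALL=(root) NOEXEC: /usr/bin/less /var/log/messages
dave  ALL=(root) sudoedit /etc/hosts
"""

def audit(text):
    """Return (user, command, issue) tuples for simple one-line user specs.

    Simplified on purpose: no aliases, Defaults, includes or continuations.
    """
    findings = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults") or "=" not in line:
            continue
        who, spec = line.split("=", 1)
        user = who.split()[0]
        spec = re.sub(r"^\s*\([^)]*\)\s*", "", spec)  # drop the (runas) list
        nopasswd = noexec = False  # tags persist for later commands in the list
        for cmd in (c.strip() for c in spec.split(",")):
            while (m := TAG.match(cmd)):
                tag, cmd = m.group(1), cmd[m.end():]
                if tag in ("NOPASSWD", "PASSWD"):
                    nopasswd = tag == "NOPASSWD"
                elif tag in ("NOEXEC", "EXEC"):
                    noexec = tag == "NOEXEC"
            prog = cmd.split()[0].rsplit("/", 1)[-1] if cmd else ""
            if nopasswd:
                findings.append((user, cmd, "no password prompt"))
            if cmd == "ALL":
                findings.append((user, cmd, "unrestricted root"))
            elif prog in SHELL_CAPABLE and not noexec:
                findings.append((user, cmd, "can shell out"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```

The carol and dave lines show the two sudoers features aimed at the shell-out problem, the NOEXEC tag and sudoedit; 'man sudoers' describes their limits.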