[sudo-users] Problem script sudo
syberghost at gmail.com
Tue Jun 23 05:34:41 MDT 2015
On Tue, Jun 23, 2015 at 6:21 AM, Ken Masters <kmastersf at gmail.com> wrote:
> Hello friends:
> I need your help.
> I have a script with right permision for others, and someone put inside
> "sudo su -" when anybody execute it can convert in root.
> How can avoid it.
Never, ever, let people run a script as root if they (or anyone not
trusted) can edit it. All scripts to be run as root must be examined and
loaded by SAs. This is the only guaranteed way to avoid it.
It means more work for the SAs, but that's why we get paid the medium bucks.
More information about the sudo-users