in reply to Re: Re: Re: Re: qx//, ssh -t (pseudo-tty) and sudo
in thread qx//, ssh -t (pseudo-tty) and sudo

Yes I agree with you that sudo is better than direct root acess. And on my system I don't allow remote root login anyway.

Given that /etc/sudoers is supposed to be read-only (444), this smacks of an insecure installation.

Yes the /etc/sudoers file was read-only, but my script does -
chmod u+w /etc/sudoers
... bits to modify my sudoers entry ...
chmod u-w /etc/sudoers

[download]
When I do a sudo make, *every* command inside the Makefile are automatically run with ROOT priviledges, so there is no secure system when I can do "sudo make". :)

(I know this is OT, but interesting to know and talk about. So one thing I never do is to give people sudo access on make)

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: Re: qx//, ssh -t (pseudo-tty) and sudo
by shockme (Chaplain) on Nov 12, 2003 at 03:24 UTC
    Okay, then you're original statement (Roger thinks ssh->root is as secure/insecure as ssh->sudo.) is somewhat qualified. I can live with that. It was that statement that led to my original reply. They're not the same, and I think we've both made that clear.

    The end. ;)

    If things get any worse, I'll have to ask you to stop helping me.

[reply]

In Section Seekers of Perl Wisdom