sudo -s

Discussion in 'Open Source' started by ravix, Jun 30, 2006.

Thread Status:
Not open for further replies.
  1. ravix

    ravix New Member

    Joined:
    Apr 28, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    0
    any body can gain access to root by cmd "sudo -s" howto prevent this:mad:
     
  2. JGuru

    JGuru Well-Known Member

    Joined:
    Dec 25, 2005
    Messages:
    1,705
    Likes Received:
    32
    Trophy Points:
    48
    Location:
    Space-time continuum
    That's a good question!! Either you delete the sudo executable, or move it to some
    other place or rename it to a different name!! A good solution is move the executa
    -ble 'sudo to your '/home/' and don't give the other users read-access or any other
    access. 'Sudo' is located in the '/usr/bin' folder.
     
  3. praka123

    praka123 left this forum longback

    Joined:
    Sep 7, 2005
    Messages:
    7,513
    Likes Received:
    24
    Trophy Points:
    0
    Location:
    -
    http://www.sudo.ws/pipermail/sudo-users/2003-May/001538.html

    Also refer:
    http://forums.macnn.com/archive/index.php/t-18166.html
     
    Last edited: Jun 30, 2006
  4. mehulved

    mehulved 18 Till I Die............

    Joined:
    Jul 15, 2004
    Messages:
    5,790
    Likes Received:
    44
    Trophy Points:
    0
    Location:
    India, Mumbai, Marine Lines
    Just make it non-executable for other users except you.
    Code:
    sudo chmod o-x /usr/bin/sudo
    But if your account is compromised then well this trick won't help and neither will JGuru's.
     
  5. JGuru

    JGuru Well-Known Member

    Joined:
    Dec 25, 2005
    Messages:
    1,705
    Likes Received:
    32
    Trophy Points:
    48
    Location:
    Space-time continuum
    If you want the best unbreakable protection you must include Biometrics. Including
    a retina scan & a thumb print scanner. There are some Biometrics software
    available in Linux. The researchers say that even finger-print can be spoofed by using
    gelatin or other similar substances!! So the new Biometrics software looks for Sweat!!
    Read more about it here:
    http://news.zdnet.com/2100-1009_22-6003440.html
     
    Last edited: Jul 1, 2006
  6. chesss

    chesss mera kutch nahi ho sakta

    Joined:
    Oct 22, 2005
    Messages:
    876
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    Delhi
    Wouldn't they have to know the pasword as well??
     
  7. mediator

    mediator New Member

    Joined:
    Mar 18, 2005
    Messages:
    2,491
    Likes Received:
    16
    Trophy Points:
    0
    Location:
    In ur Evil Mind!
    How dood?? My FC5 says "mediator is not in the sudoers file. This incident will be reported."
     
  8. mehulved

    mehulved 18 Till I Die............

    Joined:
    Jul 15, 2004
    Messages:
    5,790
    Likes Received:
    44
    Trophy Points:
    0
    Location:
    India, Mumbai, Marine Lines
    Well mediator just do this
    Code:
    su
    visudo
    And search for tutorials on net on how to add user/group to sudoers file.
    I have left the ubuntu defualt
    %admin ALL=(ALL) ALL.
    Well you can customise it to your needs.
     
Thread Status:
Not open for further replies.

Share This Page