Liste des Groupes | Revenir à ol misc |
AFAIR, /usr/bin/sudo is a 'sticky' binary owned by root, so it immediately gets root access, better hope nobody finds a way to abuse that before it's decided whether or not to let you do what you asked it.You are correct.
I've encountered plenty, not so well controlled, where all it takes is "sudo su -"That's why I would tend to allow non-SA teams to have sudo with a specific command (possibly without needing to re-enter their password) while only allowing the Unix SAs to have `sudo su` et al. access.
Les messages affichés proviennent d'usenet.