Bugtraq mailing list archives
Re: 'sudo' recommendations
From: cschuber () uumail gov bc ca (Cy Schubert)
Date: Wed, 18 Nov 1998 17:06:18 -0800
In message <Pine.LNX.3.96.981118164632.6555C-100000 () enigma repsec com>, Brian M artin writes:
I'd like to thank Mr. Miller for maintaining the 'sudo' package, as well as having the foresight to address the potential security concerns as outlined above.
You can also issue sudo -k to delete the sudo ticket before running something potentially dangerous. The problem you discuss is also an issue with Kerberos. Any potential attacker could use cached Kerberos tickets to gain access to hosts, services, or privileges. To circumvent this, kdestroy your Kerberos ticket or log in as a different user. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Open Systems Group Internet: Cy.Schubert () uumail gov bc ca ITSD Cy.Schubert () gems8 gov bc ca Government of BC
Current thread:
- KDE Screensaver vulnerability Christian Esken (Nov 18)
- Re: KDE Screensaver vulnerability Jason Axley (Nov 18)
- Re: KDE Screensaver vulnerability pedward () WEBCOM COM (Nov 18)
- 'sudo' recommendations Brian Martin (Nov 18)
- Re: 'sudo' recommendations Cy Schubert (Nov 18)
- Re: 'sudo' recommendations Alexey Kuzmichev (Nov 18)
- Re: 'sudo' recommendations Cy Schubert (Nov 18)
- <Possible follow-ups>
- Re: KDE Screensaver vulnerability pedward () WEBCOM COM (Nov 18)
- Re: KDE Screensaver vulnerability Henrik Nordstrom (Nov 18)