|
|
Being root without enabling root
I noticed this before. Isn't it a gaping security hole? enabled or not, any admin can become root using this method, whereas in *NIXs, there's usually a list of users who are allowed to sudo and what commands they're allowed to run.
Being root without enabling root
This isn't really a security hole, as all users with sudo access can be easily configured in /etc/sudoers. By default all users in group admin have full access to the sudo command, but quite a bit of configuration can be done here to customize what you want people to be able to do.
Being root without enabling root
You should view any admin user as a root user. In the current security model an admin user can become root without sudo.
Being root without enabling root
What? Become root without sudo? Explain! ---
Being root without enabling root
The finder allows any admin user to authenticate to replace root owned files and change ownership etc. Therefore it is a simple exercise to put a hook in to, say the boot rc file, to create a file that will give the admin person the ability to become root.
It is NOT a security flaw, but a design decision. As I said, an admin users is the equivalent of root. There is a discussion of it here
Also...
Additionally, any admin user can enable the root user and supply a root password...
Being root without enabling root
If you want to let non-admins do a few selected actions as root, study and then carefully edit /etc/sudoers.
Being root without enabling root
study very carefully.... |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.06 seconds |
|