Hello all,
Let's say that on a production system, a sysadmin configure
The entry above allows
assumed that
Is it true that with above situation, the sysadmins effectively giving the
Bagas
Let's say that on a production system, a sysadmin configure
/etc/sudoers
with following entry:
Code:
%teens ALL=(ALL:ALL) ALL
The entry above allows
teens
group (which is untrusted) to execute any commands with sudo
. The sysadmin assumed that
teens
group knows what they are doing.Is it true that with above situation, the sysadmins effectively giving the
teens
group root access? Can it harm the system?Bagas