security & suid/sudo plugins

Hari Sekhon hpsekhon at googlemail.com
Thu Aug 31 16:43:05 CEST 2006

Previous message: security & suid/sudo plugins
Next message: security & suid/sudo plugins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alexander Harvey wrote:
> I am using sudo, except that customer won't sign the change!:-)
>
> On 9/1/06, *Hari Sekhon* <hpsekhon at googlemail.com 
> <mailto:hpsekhon at googlemail.com>> wrote:
>
>     Alexander Harvey wrote:
>     Hi,
>
>     I have a difficult customer who won't sign off changes based on
>     the security risk using suid plugins, for example, check_logfiles.
>     What does one do about this situation?
>
>     Regards,
>     Alex
>
>     ------------------------------------------------------------------------
>
>     -------------------------------------------------------------------------
>     Using Tomcat but need to do more? Need to support web services, security?
>     Get stuff done quickly with pre-integrated technology to make your job easier
>
>     Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
>
>     http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 <http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642>
>
>     ------------------------------------------------------------------------
>
>     _______________________________________________
>     Nagios-users mailing list
>     Nagios-users at lists.sourceforge.net
>      <mailto:Nagios-users at lists.sourceforge.net>
>     https://lists.sourceforge.net/lists/listinfo/nagios-users
>     ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
>     ::: Messages without supporting info will risk being sent to /dev/null
>
>
>
>     use sudo, that's what it's for.
>
>
>
>     Hari Sekhon
>
>
tell the muppet customer that sudo is safer and was designed for this 
purpose. No other account can use the command with the elevated 
privilege and that no other user can use that account, especially if you 
lock it and /bin/false it as well for 2 level protection that the 
account can't be used by anybody (apart from root, by which point you're 
already hosed and that will be the least of your worries).



Hari Sekhon


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20060831/c56de541/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: security & suid/sudo plugins
Next message: security & suid/sudo plugins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list