LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page permit first or deny first in /etc/sudoer
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
Page 2 of 2 1 2
  Search this Thread
Old 02-21-2017, 04:07 AM   #16
gbcbooks
Member
 
Registered: Aug 2014
Posts: 199

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by pan64 View Post
the right way is to create a strict list about what is allowed (and how, for whom). Any kind of weakness/looseness/negligence may lead to full access to the system (without control and audit).
From the other hand it looks very strange for me (to run huge amount of processes as root), so probably you need to think about reorganizing it (for example using a different account).
i know that. combining to the practice , it could cost a huge damage for the company if you make a mistake even thought it just a simple commands.

we need to do this step by step .
 
Old 02-21-2017, 04:12 AM   #17
r3sistance
Senior Member
 
Registered: Mar 2004
Location: UK
Distribution: CentOS 6/7
Posts: 1,375

Rep: Reputation: 217Reputation: 217Reputation: 217
yes, there is a huge cost, which is why step 1 needs to be "get the use cases" and step 2 needs to be "verify the user cases". This shouldn't be phase 3 but phase 1.

It sounds like you've inherited a system which has probably been set-up horribly, you should get it marked for replacement with a new system ASAP. For a stop gap, you could look to start writing simple scripts to do what is required and place them in a separate directory that is added to the PATH environmental, but I'd still look to get the system replaced by something on a priority basis if the permissions you have inherited were already too open.
 
  


Reply
Page 2 of 2 1 2



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
squid proxy server configuration in rhel5 and deny deny accessing websites renjindd Linux - Newbie 1 09-09-2012 08:58 AM
how to deny user from accessing FTP service using /etc/hosts.deny in redhat 6 raasukutty Linux - Security 6 01-19-2012 04:32 PM
sudoer spidna Slackware 2 10-17-2006 02:51 AM
Sudoer??? SBN Linux - Software 1 10-03-2006 11:15 PM
never_direct deny all vs. always_direct deny all simplyrahul Linux - General 1 02-16-2005 02:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:53 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration