LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-21-2008, 11:50 AM   #1
harsh5235
LQ Newbie
 
Registered: May 2008
Posts: 1

Rep: Reputation: 0
Check to see which users have root level acess


I am on a giant shared system.

is there an easy way for me to check which users have root level access?

Maybe some file in /etc/ or something?
 
Old 05-21-2008, 12:13 PM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
Assuming YOU have root access:

1) Check for users with UID of 0 in /etc/passwd. Ideally only root has this but some people never learn and think they've somehow done security setup by making a different name with the same UID as root. Doing that is the same as giving them root so why bother.

2) If the system runs sudo then run visudo and examine the sudoers file to see if you've given root access (e.g. "su" or "su -" with no user following would mean whoever has that grant has permission to sudo to the root user.)
Also look for less obvious things that might have shell escapes that would have the same effect (e.g. "vi" or "vim" - if user can run "sudo vi" or "sudo vim" they can get root access simply by typing ":!" once the vi/vim session starts.)

3) Do a find for files owned by root that have the setuid flag on them. Such files would execute as root. This is required for some things but should be used sparingly and NEVER on a shell script that can be edited by anyone other than root.
 
Old 05-21-2008, 06:40 PM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,348

Rep: Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749Reputation: 2749
Also,
cat /etc/group
should show only 1 entry (root) in the record for the root group (gid=0).
For the paranoid, check /etc/passwd gid fields
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
emacs in run level 3 then switch to X (level 7) then back to level 3 dsoliver Slackware 3 09-01-2006 03:31 AM
VNC: acess XP computer with more users AlterAngelus Linux - Networking 1 07-21-2005 06:58 AM
how to check cpu level? naijaguy Linux - Newbie 7 02-05-2005 02:20 PM
How to allow all users Acess to usb devices not in /dev pHaT tAcO Debian 3 05-04-2004 06:34 PM
root acess? SnowSurfAir Linux - Software 12 08-08-2003 04:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration