sudo and xterm?
Ok, perhaps this is indicative of my level of experience with linux, but I just discovered that I was able to enter 'sudo xterm' on my system and get a root shell. This seems to me to be a rather large hole in the security on my system, as it means that a compromise of my user could also possibly give someone access to root. Is there any way to deny specific commands with visudo, or will I have to deny everything, and then start allowing the various commands I run through sudo? I know that the latter option will result in a much more robust security policy, but it seems like a big nuisance to configure sudoers like that when I am basically the only user on this computer. Opinions?
Thanks
|