Samuel Sieb wrote:
> On 10/30/23 18:15, ToddAndMargo via users wrote:
>> Hi All,
>>
>> It seems to me that since /etc/sudoers is visible from a
>> standard user account, that all a bad guy has to do is
>> cat the file, find some program that is elevated, then
>> overwrite that program with his evil deeds, and boom,
>> you are hacked.
>>
>> Am I missing something?
>
> If the bad guy can overwrite the executable, then you have a bigger security
> problem.
True. But also, /etc/sudoers should not be readable by
anyone other than root:
On f37:
$ rpm -qlv sudo | grep /etc/sudoers$
-r--r----- 1 root root 4375 Mar 1 2023 /etc/sudoers
If you have edited the file manually, your editor may have
screwed up the mode. You should use visudo to edit the
file, generally.
--
Todd
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
