On 10/30/23 18:36, Samuel Sieb wrote:
On 10/30/23 18:15, ToddAndMargo via users wrote:
Hi All,
It seems to me that since /etc/sudoers is visible from a
standard user account, that all a bad guy has to do is
cat the file, find some program that is elevated, then
overwrite that program with his evil deeds, and boom,
you are hacked.
Am I missing something?
If the bad guy can overwrite the executable, then you have a bigger
security problem.
I can see if someone is not careful so make sure the
programs in sudoers are not locked to root, you
would get in trouble, as you did state.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
