Re: Giving full administrator privileges through sudo on production systems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 


> On Aug 16, 2019, at 11:12 PM, John Pierce <jhn.pierce@xxxxxxxxx> wrote:
> 
> On Fri, Aug 16, 2019 at 8:39 PM Bagas Sanjaya <bagasdotme@xxxxxxxxx> wrote:
> 
>> Why did you say it is wrong to give full admin privileges to random users?
>> 
> 
> 
> $ sudo rm -rf /
> 

I like this one. Long-long ago it was one of the “tricky” questions at the UNIX admin test (exam). Basically, no matter how devastating that may sound, the command only will remove what is (alphabetically it was that time) before /dev/[root_device]. Once the device root filesystem lives on is removed from /dev, no further damage is done. So, you will be able to mount drive on another machine and get your /etc, /home, /var, /usr/local intact ;-) Asking that question other people gave me (an them usually) a lot of fun.

Valeri

> $ sudo <install keylogger of choice>
> 
> $ sudo cp /etc/{passwd,shadow} $home;   (run john-the-ripper against
> passwd/shadow files).
> 
> etc etc etc.
> 
> 
> 
> -- 
> -john r pierce
>  recycling used bits in santa cruz
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux