Re: How do I make sudo "trusted"?

Stephen Smalley wrote:

On Thu, 2004-03-11 at 10:19, Aleksey Nogin wrote:


Contrast the following two:

% su -c id
Password:
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=root:sysadm_r:sysadm_t


% sudo id
Password:
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:user_r:user_t


How do I change my local policy so that sudo grants the same sysadm permissions as su does? Is it possible to make it tunable? Or is this something that is very dangerous and should not be done? Thanks!


sudo authenticates the current user, not the target user, so having it change the SELinux user identity would be dangerous. It can change roles (if the current user identity is authorized for the role) via the -r option. Hence, if you add yourself to policy/users and authorize yourself for staff_r and sysadm_r and reload your policy, then you should be able to do sudo -r sysadm_r <command>.

In order to have sudo safely change the SELinux user identity (to root),
you would need another mechanism for specifying what roles/domains are
permitted to the calling user, e.g. new fields in /etc/sudoers.  Even
then, you still need to start from staff_r in order to reach sysadm_r;
the policy doesn't allow user_r to transition to sysadm_r (if SELinux is
in enforcing mode).



All true.

But there's always
   sudo su -

73 de Jeff
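Added example (not code from this thread or from either poster): a small POSIX shell check for which SELinux role and domain a command actually landed in, read from the context= field that `id` prints in the two transcripts above, with the steps Stephen lists sketched in comments. The policy/users syntax, `make load` and `newrole` invocations are assumptions about a 2004-era example policy and are not executed here.

```shell
#!/bin/sh
# Added example; exercises the role/domain check offline on constructed
# samples that mirror the thread's two transcripts.

# Print the role from an `id` line of the form "... context=user:role:type".
context_role() {
    printf '%s\n' "$1" | sed -n 's/.*context=[^:]*:\([^:]*\):.*/\1/p'
}

# Print the type (domain) from the same line.
context_type() {
    printf '%s\n' "$1" | sed -n 's/.*context=[^:]*:[^:]*:\([^[:space:]]*\).*/\1/p'
}

# Succeed only if the command ended up in the sysadm role and domain.
# uid=0 alone is not enough: the sudo transcript above is root in user_t.
ran_as_sysadm() {
    [ "$(context_role "$1")" = "sysadm_r" ] && [ "$(context_type "$1")" = "sysadm_t" ]
}

# Constructed samples (shortened group list) matching the two transcripts.
SU_OUT='uid=0(root) gid=0(root) groups=0(root) context=root:sysadm_r:sysadm_t'
SUDO_OUT='uid=0(root) gid=0(root) groups=0(root) context=user_u:user_r:user_t'

# On a live system you would instead capture:  OUT=$(sudo -r sysadm_r id)
# after the steps Stephen describes (paths/commands assumed):
#   1. policy/users:  user <yourname> roles { staff_r sysadm_r };
#   2. rebuild and reload the policy, e.g. `make load` in the policy source tree
#   3. start from staff_r (e.g. `newrole -r staff_r`), since user_r is not
#      allowed to transition to sysadm_r under enforcing mode
for out in "$SU_OUT" "$SUDO_OUT"; do
    if ran_as_sysadm "$out"; then
        echo "sysadm:     $(context_role "$out") / $(context_type "$out")"
    else
        echo "NOT sysadm: $(context_role "$out") / $(context_type "$out")"
    fi
done
```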