Re: [exim] sudo - iptables trick

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\MJohn Hall at <-
MMMStephen Gran at ->
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: exim users
Subject: Re: [exim] sudo - iptables trick


John Hall wrote:
> On 4/15/06, W B Hacker <wbh@???> wrote:
>
>
>>>> If I'm mail and I run sudo it asks for the root password. What do I need
>>>> to add to get around that?
>>>>
>>> See NOPASSWD in man sudoers.
>>>
>
>
>> ??
>>
>> Is that a good idea?
>>
>> I think I am beginning to see why some folks say Linux is no
>> more secure than Windows.....
>>
>
> It depends. Obviously if you have
>
> mail ALL=(root) NOPASSWD ALL
>
> then that's not a good idea, but if you restrict mail to running just
> some wrapper scripts that invoke iptables appropriately, then it is
> reasonably secure.
>
> cheers,
> john
>
Thanks for your help. What would be a more restrictive example?


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] linefeeds in check_data aclRe: [exim] spam_score_int signed or unsigned?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)