Re: [exim] sudo - iptables trick

Author: Vincent Danen
Date:  
To: W B Hacker
CC: exim users
Subject: Re: [exim] sudo - iptables trick
* W B Hacker <wbh@???> [2006-04-16 06:33:32 +0800]:

> >>If I'm mail and I run sudo it asks for the root password. What do I need
> >>to add to get around that?
> >
> >
> >See NOPASSWD in man sudoers.
> >
> >regards,
> >John
> >
>
> ??
>
> Is that a good idea?
>
> I think I am beginning to see why some folks say Linux is no
> more secure than Windows.....


sudo can be fine-tuned. If you give user mail access to run iptables as
root and *only* iptables as root, then you should be ok. Or, even
better, write a script to do it and give sudo access to the script; then
you can really restrict what parts of iptables user mail can use.

For a writeup of sudo you can read this:

http://linsec.ca/syshardening/sudo.php

Otherwise, man sudo and man sudoers are your friend.

--
Annvix - Secure Linux Server: http://annvix.org/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
Wasting time like it was free...
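
The wrapper-script approach suggested in the message above, as an added example that is not part of the original post or of any project it mentions. The script name and path (/usr/local/sbin/mail-fw), the chain name MAILBLOCK and the iptables location /sbin/iptables are assumptions made for illustration.

```sh
#!/bin/sh
# Hypothetical wrapper, installed root-owned and not writable by mail, e.g.
# /usr/local/sbin/mail-fw. Matching sudoers entry (edit with visudo):
#   mail ALL = (root) NOPASSWD: /usr/local/sbin/mail-fw
# It only adds or deletes one DROP rule for one IPv4 source address.

IPTABLES=/sbin/iptables   # absolute path (assumed location), never looked up via PATH
CHAIN=MAILBLOCK           # assumed dedicated chain, created once by root

# Succeeds only for a plain dotted quad: no options, CIDR, hostnames or spaces.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split into octets; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # leading zero may be read as octal
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Prints the complete iptables argument list, or fails without printing.
rule_args() {
    case "$1" in
        block)   flag=-A ;;
        unblock) flag=-D ;;
        *)       return 2 ;;
    esac
    valid_ipv4 "$2" || return 2
    printf '%s %s -s %s -j DROP\n' "$flag" "$CHAIN" "$2"
}

main() {
    [ "$#" -eq 2 ] || { echo "usage: mail-fw block|unblock IPV4" >&2; return 2; }
    args=$(rule_args "$1" "$2") || { echo "mail-fw: argument rejected" >&2; return 2; }
    # Unquoted on purpose: args holds fixed words plus one validated address.
    exec "$IPTABLES" $args
}

# Without arguments the file only defines its functions and does nothing.
[ "$#" -eq 0 ] || main "$@"
```

With that sudoers entry, user mail can run `sudo /usr/local/sbin/mail-fw block 192.0.2.10` without a password, while every other iptables option, chain and target stays out of reach.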