sudo hole

ayf6

Registered
If any user goes to the terminal and does sudo -s and when prompted for a password enters their OWN password they have gained root access. For some reason Apple decided it would be nice to include ALL:ALL in the sudoers file by default. This is a HUGE security hole so you all might want to look into locking down your sudoers file. If a user issues passwd after doing sudo -s they will change ROOT's password. You all better check this out.

 

nauseum

Registered
that is not entirely true.

in fact, only an ADMINISTRATOR can gain sudo access to root.

admittedly not the security setup i would have on any of my servers, but you have to admit, if a user is an ADMINISTRATOR, requiring sudo for root style actions is really only a formality.

in all of the GUI administrative tasks, an ADMINISTRATOR has by default full root-like privileges.

cheers,
NauSeuM
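
Added example, not part of either post above: one way to check what the first post asks readers to look into and the reply qualifies, namely which users or groups a sudoers file lets run ALL commands. The sample rules and the function name `broad_grants` are constructed for illustration; the parser handles one host list per rule and does not follow include directives.

```python
import re

# Constructed sample, not copied from any real machine.
SAMPLE_SUDOERS = """\
# sudoers (constructed sample)
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
%staff  ALL=(root) NOPASSWD: /usr/bin/lpadmin, \\
        /usr/sbin/softwareupdate
backup  ALL=(ALL) NOPASSWD: ALL
"""

# who  hosts = (runas) [TAG:] cmd, cmd ...
SPEC = re.compile(
    r"^(?P<who>\S+)\s+(?P<hosts>[^=]+?)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$"
)
TAG = re.compile(r"^(?:[A-Z_]+:\s*)+")  # e.g. "NOPASSWD: "


def broad_grants(text):
    """Return (who, runas, nopasswd) for each rule that allows ALL commands."""
    findings = []
    # Join backslash-continued lines before parsing.
    for line in text.replace("\\\n", " ").splitlines():
        line = line.strip()
        # Skip blanks, comments, include directives and Defaults entries.
        if not line or line.startswith(("#", "@", "Defaults")):
            continue
        if line.split()[0].endswith("_Alias"):
            continue  # alias definitions are not grants
        m = SPEC.match(line)
        if not m:
            continue
        tags = TAG.match(m.group("cmds"))
        nopasswd = bool(tags and "NOPASSWD" in tags.group(0))
        cmds = [c.strip() for c in TAG.sub("", m.group("cmds")).split(",")]
        if "ALL" in cmds:
            # sudo runs as root when no runas list is given.
            findings.append((m.group("who"), m.group("runas") or "root", nopasswd))
    return findings


if __name__ == "__main__":
    for who, runas, nopasswd in broad_grants(SAMPLE_SUDOERS):
        note = " without a password" if nopasswd else ""
        print(f"{who}: ALL commands as {runas}{note}")
```

A name starting with `%` is a group, so every member of that group holds the grant. Changes to the file are made with `visudo`, which checks the syntax before saving.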
 

scruffy

Notorious Olive Counter
Originally posted by nauseum
in all of the GUI administrative tasks, an ADMINISTRATOR has by default full root-like privileges.
Not quite true, in fact - try to drag the System Preferences app into a subdirectory of /Applications. No dice.

What bugs me is that they took away the need to authenticate with a password in the preferences. Now the locks are by default unlocked if you are logged in as an admin. As you say, not the sort of security I would run on a server.

But then again - "nidump passwd ."

Security? What's that?
 

nauseum

Registered
Originally posted by scruffy


But then again - "nidump passwd ."

Security? What's that?
on any RedHat linux system prior to 6

cat /etc/passwd

don't even have to be an 'administrator' :)

security is what the user/owner makes of it.

*shrug*

NauSeuM
 

Dominion

Unix Guru/God ;-)
If you're referring to OSX workstation, then there is pretty much no point in security since the user will have physical access to the machine. Unless you're removing the machine from the user's access, and making it a server, it's pretty pointless to worry about it.

*Shrug*

Still, what annoyed me, was that the "root" password is not the "Administrator" password that you set during install in the released OS-X (workstation) product. This is somewhat confusing, because the first thing I tried to do was su - and I couldn't. However sudo was the 'backdoor' which let me set a root password.

If you're serious about setting up OS X and getting the user permissions and privs under control, I would suggest using a centralised LDAP auth server for the details so the user doesn't get any special ability. But you'd still need to ensure they are not an "admin" and not able to run certain commands in the shell. Again, why bother since they can just reboot and run up off a CD or whatever they like.. *shrug*

:)
 