hi all,
i was trying to implement vnc on a remote server via ssh. suppose a normal non-root account is called "user1" and assume that via sudo, i want to allow that user to run any command as user root without specifying a password each time he logs in for running selected programs.
So, in that file, i added added: user1 ALL = NOPASSWD: ALL
I know this does not sound good for security , so hence my post to you all ....
what are the security risks and what are the precautions to be taken ?
I want to restrict a user (or any number of users) to only run certain applications:
Any idea/input is welcome
thanks for reading-- _svaksh_
Svaksh wrote:
hi all,
i was trying to implement vnc on a remote server via ssh. suppose a normal non-root account is called "user1" and assume that via sudo, i want to allow that user to run any command as user root without specifying a password each time he logs in for running selected programs.
So, in that file, i added added: user1 ALL = NOPASSWD: ALL
U might as well tell the user the root password.
I want to restrict a user (or any number of users) to only run certain applications:
Example: Cmnd_Alias VNCCMD = /usr/bin/a,/usr/bin/b,/usr/bin/whatever user1 ALL = NOPASSWD: VNCCMD
Still it is better that NOPASSWD is not specified.
Any idea/input is welcome
It's all there in the sudo man page. Why don't you read it before mailling to the list.
_svaksh_
-- Soumen Dass [Registered Linux User # 272639 - Linux nova 2.4.22-1.2115.nptl i686]
On 4/29/05, Soumen Dass soumen_dass@mtnl.net.in wrote:
So, in that file, i added added: user1 ALL = NOPASSWD: ALL
U might as well tell the user the root password.
well the user is me wanting to access my m/c remotely and i found another way out.
I want to restrict a user (or any number of users) to only run certain applications:
Example: Cmnd_Alias VNCCMD = /usr/bin/a,/usr/bin/b,/usr/bin/whatever user1 ALL = NOPASSWD: VNCCMD
Still it is better that NOPASSWD is not specified.
..already restricted it to a particular application instead :) thanks ...
-
Soumen Dass -
Svaksh