Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: del on June 16, 2003, 04:38:13 AM
-
Hi All,
I recently received this email
From: www@mydomain.com
To: root@mydomain.com
Subject: *** SECURITY information for linux-server ***
Message:
linux-server : Jun 9 16:51:47 : www : /etc/sudoers is mode 0777, should be 0440 ; TTY=unknown ; PWD=/usr/local/squidGuard/www ; USER=root ; COMMAND=/etc/rc.d/init.d/squid restart
Can anyone help me decipher it!
Thanks,
Del
-
del wrote:
> I recently received this email
> From: www@mydomain.com
> To: root@mydomain.com
> Subject: *** SECURITY information for linux-server ***
> Message:
> linux-server : Jun 9 16:51:47 : www : /etc/sudoers is mode
> 0777, should be 0440 ; TTY=unknown ;
> PWD=/usr/local/squidGuard/www ; USER=root ;
> COMMAND=/etc/rc.d/init.d/squid restart
>
> Can anyone help me decipher it!
Whoever installed and configured sudo on your system did it in an extremely insecure fashion. You should remove sudo immediately "rpm -e sudo".
G
-
Hi George,
What is sudo? Sorry for being a newbie.
Thanks,
Del
-
This from a google search "Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while logging the commands and arguments."
Regards
Brian
-
Hi,
Interesting, I installed SME5.6U4 myself so how would that get configured without me knowing? Do you think it is possible someone as hacked in and altered something?
Del
-
I checked my own permissions (5.6U4) and the and they are 440. Why not set yours?