Tool for virtual networks

• Previous message (by thread): Tool for virtual networks
• Next message (by thread): Tool for virtual networks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/15/22 11:18 AM, Saku Ytti wrote:
> May I request information substantiating the risk.

Have you ever walked away from your terminal without locking it?  Or 
seen anyone else do it?

Unless you are within Sudo's grace period (defaults to five minutes) the 
person at your keyboard won't be able to authenticate to sudo as you if 
they have to enter your password.

There are also concerns of changing effective users on systems to one 
that has the NOPASSWD: option, thereby enabling the original user to do 
what the new user could do without authenticating as the new user.

> As far as I see, infosec is largely horoscopes for IT people.

I don't believe avoiding NOPASSWD: is just a horoscope.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220715/d87ee4b5/attachment.bin>

• Previous message (by thread): Tool for virtual networks
• Next message (by thread): Tool for virtual networks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]