Devdas Bhagat wrote:
>>Situation B:
In this case, the user is only allowed to run commands listed in the
sudoers file. (S)He does not know the root password, and does not have
full administrative access. Used properly, sudo is quite a powerful tool
for access control.
Thanks to you and Revant for your nice explainations. I have only one
last question for this topic. This is to understand the scope of risk
that root login carries.
Suppose we assume that the root is totally honest and will not destroy
any files even by mistake and will always man his terminal so no one
else will type in anything from his keyboard. In this situation, is the
system still at risk from any other factors? Can anyone who has access
to the system's network hijack the running root-login session? In short,
is the risk only limited to the root doing harm or his station being
used by someone else while he is away or is it possible to intrude into
the root's session remotely. How private is a login session?
Thanks and Regards :)
Rony.
___________________________________________________________
Yahoo! Exclusive Xmas Game, help Santa with his celebrity party - http://santas-christmas-party.yahoo.net/
--
http://mm.ilug-bom.org.in/mailman/listinfo/linuxers
