[OpenIndiana-discuss] bug reports

Joshua M. Clulow josh at sysmgr.org
Sun Mar 20 12:01:20 UTC 2011


> On 17 March 2011 07:52, Reginald Beardsley <pulaskite at yahoo.com> wrote:
>> The use of privilege escalation from the user account using sudo(1m) or
>> similar seems to me a bad idea.  It seems too easy to exploit.  The browsers
>> have so many vulnerabilities, that I won't run a browser as root.  It seems
>> to me that having a separate root account is much preferable to sudo for
>> machines which have internet access.   But then I just disconnected my LAN
>> and installed a dedicated system for internet access.
On 20 March 2011 22:43, Matt Connolly <matt.connolly.au at gmail.com> wrote:
> Why would you `sudo firefox`?

I believe he means that having the ability to sudo to root from the
account that you're running firefox as is a potential security risk.
And, sure, it might be!  But you should configure sudo to require you
to enter your password before it will work, which ought to hamper this
and other similar attack styles.

-- 
Joshua M. Clulow
UNIX Admin/Developer
http://blog.sysmgr.org



More information about the OpenIndiana-discuss mailing list