|
the POWER of OS X Admin privileges
I just went into netinfo and diabled my root user login (because that is how most systems are configured.)
What does this do:
- Prevent one from logging in directly or authenticating as root (via login window, su, ssh -l root, or authenticating as root via a password dialog, etc.)
It does NOT:
- prevent one from using the 'sudo' command
So the next question is:
What does the 'sudo ' command allow you to do?
Unless you have severely restricted the usage of 'sudo' (unlikely) you can still effectively change your operating privileges to be 'root' or you can change your environment to become the root user or ANY other user on the system (with a shell.)
Though 'su' and 'su - root' won't work from the command line, any of the following sudo commands will effectively change the environment which one operates in, giving them direct access to a root (or another User) from the command line:
- sudo tcsh
- sudo su
- sudo su - root
- sudo su - username
So what does this mean?
If I have an account on your machine with 'admin' privs and your machine it allows remote login, then I can log-on either from the console or remotely and attain any level of privilege I desire, be it 'root' or even 'becoming' another user.
That is the power of being an OS X admin user with unrestricted access to 'sudo'
Also note, that by association, liberal use of the unrestricted sudo command is just as harmful as having an active root login and careless security of the passwords for 'admin' enabled accounts is equally as dangerous as leaving the key to your front door under the mat.
Date Created: Sat, 12 Oct 2002 12:11:52 -0400 |
