Web lists-archives.com

Re: Security hole in LXDE?




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Mar 02, 2017 at 02:32:19PM +0100, Hans wrote:

[snip snip]

OK, given your answers, the recommended path would be to remove your
user (hans) from group sudo, perhaps so:

  deluser hans sudo

(you've to be root for that, perhaps with -ahem- sudo ;-)

and then see whether the system behaves as you expect. You can change
things back with

  adduser hans sudo

(this time not with sudo, heh).

Note that sudo is pretty useful in other situations: you can specify
that users get sudo powers only for specific programs: that would e.g.
allow regular users to invoke a backup even if they aren't allowed to
read the files they back up. Careful planning is a good idea, since
if (to keep with the example) they have access to the backup medium
they would be able to read the files anyway -- or worse.

Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAli4fh4ACgkQBcgs9XrR2kYN5gCaAk7PblG3qf+LoMHzldB9Mz8x
N9oAn3xgOJzWcEEugWFQsGu3ejhp6UEd
=TbB6
-----END PGP SIGNATURE-----