Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That's not what parent means. They are arguing it's not generally used to delegate partial root access to unprivileged users, i.e by adding narrow sudoers rules to allow "some" specific things to be run as root for some users who don't have full root access otherwise.

I tend to agree that 99% or use cases are just a convenient way to gain full root for users with full root access. Configuring sudoers for the former use case has long known to be a bit dangerous, i.e it's easy to get it wrong and create privilege escalation holes.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: