Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Deleted user still in sudoers file - is there a risk?
grod87
post May 31 2011, 10:55 AM
Post #1


Whats this Lie-nix Thing?
*

Group: Members
Posts: 2
Joined: 31-May 11
Member No.: 15,346



I'm performing a checklist audit of a linux system (openSUSE 11.3), and ran into something that may or may not be an issue. One of the sections of the audit program requires verification of "appropriateness" of user accounts on the system. This includes reviewing the etc/passwd, etc/group and etc/sudoers files. I found several accounts in the etc/sudoers file that were not in the etc/passwd file. According to this audit program, this is an "exception" and results in an audit failure.

My problem with these checklists audits are that they don't specify what the real risk is for any of these "exceptions". I've been googling this problem, and haven't found a clear answer, so I'm hoping you guys could help me. Is there actually any risk of having accounts in the sudoers file, even if said accounts no longer exist on the system? My guess is that maybe it's possible to perform some sort of privilege escalation with it? Any advice you can give me would be greatly appreciated. Thanks!
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 13th December 2017 - 04:26 AM