View Poll Results: Is it a good idea to post an /etc/sudoers file somewhere online?

Voters
16. You may not vote on this poll
  • It's a bad idea. If your server gets cracked into, you'll be hurting others who download your file.

    2 12.50%
  • The problem isn't big enough to warrant this sort of effort.

    11 68.75%
  • The amount of effort it takes to wget would be the same as editing /etc/sudoers

    1 6.25%
  • Not everyone has the same default /etc/sudoers file

    2 12.50%
  • /etc/group is usually the culprit, not /etc/sudoers

    0 0%
  • I think it's a great idea as is (please explain)

    1 6.25%
  • It's a great idea if you modify it a bit (please explain)

    1 6.25%
  • It's a terrible idea (please explain).

    0 0%
Multiple Choice Poll.
Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Is it a good idea to post an /etc/sudoers file online?

  1. #11
    Join Date
    Dec 2005
    Location
    Chicago
    Beans
    Hidden!

    Re: Is it a good idea to post an /etc/sudoers file online?

    edit: im talking about /etc/group in this post

    you could toss one up there just as a reference, it wouldnt hurt. just make some kind of note saying that its purely a reference, and you shouldnt just copy/paste the whole thing.

    you cant plagarize that file, the system will know you cheated and give you an F.
    Last edited by briancurtin; May 11th, 2006 at 05:48 AM.
    briancurtin.com | archlinux.org
    Quote Originally Posted by jeepmanjr
    This is not about checking email and looking at porno after mama goes to work. It's about application specifics.

  2. #12
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Is it a good idea to post an /etc/sudoers file online?

    Well, just for reference, here's the /etc/sudoers file:
    Code:
    # /etc/sudoers
    #
    # This file MUST be edited with the 'visudo' command as root.
    #
    # See the man page for details on how to write a sudoers file.
    #
    
    # Host alias specification
    
    # User alias specification
    
    # Cmnd alias specification
    
    # Defaults
    
    Defaults        !lecture,tty_tickets,!fqdn
    
    # User privilege specification
    root    ALL=(ALL) ALL
    
    # Members of the admin group may gain root privileges
    %admin  ALL=(ALL) ALL
    And here's the /etc/group file
    Code:
    root:x:0:
    daemon:x:1:
    bin:x:2:
    sys:x:3:
    adm:x:4:firstuser
    tty:x:5:
    disk:x:6:
    lp:x:7:cupsys
    mail:x:8:
    news:x:9:
    uucp:x:10:
    man:x:12:
    proxy:x:13:
    kmem:x:15:
    dialout:x:20:firstuser,cupsys
    fax:x:21:
    voice:x:22:
    cdrom:x:24:firstuser,haldaemon
    floppy:x:25:firstuser,haldaemon
    tape:x:26:
    sudo:x:27:
    audio:x:29:firstuser
    dip:x:30:firstuser
    www-data:x:33:
    backup:x:34:
    operator:x:37:
    list:x:38:
    irc:x:39:
    src:x:40:
    gnats:x:41:
    shadow:x:42:
    utmp:x:43:
    video:x:44:firstuser
    sasl:x:45:
    plugdev:x:46:firstuser,haldaemon
    staff:x:50:
    games:x:60:
    users:x:100:
    nogroup:x:65534:
    dhcp:x:101:
    syslog:x:102:
    klog:x:103:
    firstuser:x:1000:
    lpadmin:x:104:firstuser
    scanner:x:105:firstuser,cupsys
    admin:x:106:firstuser
    crontab:x:107:
    ssh:x:108:
    messagebus:x:109:
    haldaemon:x:110:
    slocate:x:111:

  3. #13
    Join Date
    Jan 2006
    Location
    Philadelphia
    Beans
    4,076
    Distro
    Ubuntu 8.10 Intrepid Ibex

    Re: Is it a good idea to post an /etc/sudoers file online?

    Quote Originally Posted by aysiu
    Food for thought. Wouldn't it not work to have /etc/group on there, though, as each person's would have her own unique username tacked on to each group?
    heh well, that's where the "with helpful comments, if necessary" bit comes in. something like "replace blabla with your actual username" should do the trick.
    edit: i see you already did the equivalent with the italicized 'firstuser'. cool.

  4. #14
    Join Date
    Jul 2005
    Beans
    228

    Re: Is it a good idea to post an /etc/sudoers file online?

    Even simpler solution: instead of posting a copy of the sudoers file online, why not just store it locally on a default Ubuntu install? Something like /etc/defaultsudoers .

    Then you could tell everyone the same command to restore their /etc/sudoers file.

    The only reason it wouldn't work is if they deleted their entire /etc folder, in which case they have much bigger problems.

  5. #15
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Is it a good idea to post an /etc/sudoers file online?

    That is a great idea. In fact, I've implemented it myself on my computer. How would we suggest it to the developers for Edgy?

  6. #16
    Join Date
    Jan 2006
    Location
    Philadelphia
    Beans
    4,076
    Distro
    Ubuntu 8.10 Intrepid Ibex

    Re: Is it a good idea to post an /etc/sudoers file online?

    hmm, well this is not Quite it, but there is a "sample" sudoers file located in /usr/share/doc/sudo/examples/sudoers
    it is not the same as the default sudoers (it sets up some more complicated schemes as examples), but... there it is, fwiw.

  7. #17
    Join Date
    Oct 2004
    Location
    Cupertino, CA
    Beans
    5,092
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Is it a good idea to post an /etc/sudoers file online?

    Well, let's start by saying it's not safe, downright reckless to post /etc/shadow online. This file contains encrypted hashes of your passwords. With this information, someone can use a brute forcing tool to determine your passwords in a matter of days (at worst)

    As far as /etc/passwd, /etc/group, and /etc/sudoers, these do not contain passwords or other private information. However, they do reveal a deal of information about how user accounts are set up on your system. (it's no different than me saying "I have an account jdong on my system with sudo access"). Sure, there might be some way that this serves as useful information (a piece of the puzzle, so to speak) in a complex attack, but I can't see anything like that happening.


    In short, I think it is a safe file to post. Sometimes posting a file like this is the fastest way to get assistance, especially if you made a silly typo (extraneous character, for example) that the experienced eye would catch but a newer user would skip right over
    Quote Originally Posted by tuxradar
    Linux's audio architecture is more like the layers of the Earth's crust than the network model, with lower levels occasionally erupting on to the surface, causing confusion and distress, and upper layers moving to displace the underlying technology that was originally hidden

  8. #18
    Join Date
    Jul 2005
    Beans
    228

    Re: Is it a good idea to post an /etc/sudoers file online?

    Quote Originally Posted by aysiu
    How would we suggest it to the developers for Edgy?
    Now that you mention it, I really don't know. Bugzilla is great for some feedback, but this isn't a bug. Anyone know where the Ubuntu suggestion box is?

  9. #19
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Is it a good idea to post an /etc/sudoers file online?

    FYI: I've created a sudo recovery tutorial on my Psychocats website.

    http://www.psychocats.net/ubuntu/sudo

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •