Example from real life: Problem: robot on hosting. He went for 100 hosts and makes pre-programmed commands as different users, such as root and www-data
How to solve the problem so that if the central host (containing the ssh key from all hosts) is hacked will not compromise the root accounts on the client hosts? Solution: change the privileges after the login on the client hosts. How to do it? suid or sudo! I choose the sudo because it allows you to designate a specific user allowed to change the privilege (suid-bit works for all users) Because the system is installed from packages, we need a mechanism to add lines to /etc/sudoers (automatic editing /etc/sudoers during installation violates Debian Policy) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
