For developer team - sudo admin security
Posted: Thu Mar 08, 2018 11:18 pm
I have see the source code of vesta and I have doubt relation to user admin:admin and all privileges that this user has in ubuntu.
Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
So in case the Web server process gets hijacked through some vulnerability, they can have privileges like root with user admin, does vesta have another security mechanism to avoid this ?
Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
So in case the Web server process gets hijacked through some vulnerability, they can have privileges like root with user admin, does vesta have another security mechanism to avoid this ?