Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

securityonion-sudoers: remove secure_path #1040

Closed
dougburks opened this issue Dec 21, 2016 · 3 comments
Closed

securityonion-sudoers: remove secure_path #1040

dougburks opened this issue Dec 21, 2016 · 3 comments

Comments

@dougburks
Copy link
Contributor

No description provided.

@dougburks dougburks changed the title securityonion-sudoers: update secure_path to include /snap/bin securityonion-sudoers: remove secure_path Dec 21, 2016
@dougburks
Copy link
Contributor Author

dougburks commented Dec 21, 2016
edited

This package was created here:
https://groups.google.com/d/topic/security-onion-testing/Vmgc2Pr43Vs/discussion

The original motivation was user convenience, allowing the user to type "sudo broctl" instead of "sudo /opt/bro/bin/broctl". This setting needs to be removed now for a few reasons:

  • Ubuntu recently updated the default secure_path setting but that setting was being overridden by our setting. By removing our setting, we allow the standard default to take effect.

  • We're adding a new script /usr/sbin/broctl (NSM: create /usr/sbin/broctl #1043) that will run /opt/bro/bin/broctl as a limited user. So now when a user types "sudo broctl" it will do the right thing with the default Ubuntu secure_path setting.

@dougburks
Copy link
Contributor Author

submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/4E5fP25nbm0/discussion

@dougburks
Copy link
Contributor Author

published:
http://blog.securityonion.net/2017/01/pulledpork-rule-update-and-several.html

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dougburks