Register
A security analyst is troubleshooting a scenario in which an operator should only be allowed to reboot remote hosts but not perform other activities. The analyst inspects the following portions of different
173k views
3 votes
A security analyst is troubleshooting a scenario in which an operator should only be allowed to reboot remote hosts but not perform other activities. The analyst inspects the following portions of different configuration files:

Configuration file 1:
Operator ALL=/sbin/reboot -
Configuration file 2:
Command="/sbin/shutdown now", no-x11-forwarding, no-pty, ssh-dss
Configuration file 3:
Operator:x: :/bin/bash

Which of the following explains why an intended operator cannot perform the intended action?

A. The sudoers file is locked down to an incorrect command
B. SSH command shell restrictions are misconfigured
C. The passwd file is misconfigured
D. The SSH command is not allowing a pty session

User Rakesh Govindula
by
7.8k points

1 Answer

3 votes

Final answer:

The intended operator cannot perform the action of rebooting because in Configuration file 2, the SSH command is configured with 'no-pty', which prevents the allocation of a pseudo-terminal required for interactive sessions.

Step-by-step explanation:

The question presents a scenario where an operator is supposed to have limited permissions, specifically to reboot remote hosts but not perform other actions. We are given snippets of different configurations that are potentially causing an operator to be unable to perform the intended action of rebooting.

The correct answer is D. The SSH command is not allowing a pty session. This can be inferred from Configuration file 2, where it specifies no-pty, which stands for "No pseudo-terminal". When no pseudo-terminal is allocated, the operator cannot have an interactive session, which would be required to run the reboot command interactively.

The sudoers configuration in Configuration file 1 (/sbin/reboot) seems to be correct, hence, option A is unlikely. Configuration file 3 lists a shell for the operator, which does not directly prevent them from rebooting; therefore, option C is incorrect as well. Option B suggests that SSH command shell restrictions are misconfigured, but the issue is specifically with the pty allocation rather than general SSH command shell restrictions.

User WillHaslett
by
7.4k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
Disadvantages of using animation in advertising? advantages and disadvantages of using animation for education? advantages and disadvantages of using animation in entertainment?
Explain why binary codes are used to represent characters, numbers and symbols :)
Link Copied!