mercredi 25 février 2015

What are the security risks in leaving 'sudo' inside my production code?



I have a script that can only run successfully with root permissions


But in development it's really hard to run with root permissions (in my development environment) so I add 'sudo' when ever it's required inside the code and remove it before I push changes to production.


Obviously this is not a good practice since eventually a 'sudo' would slip in.


So I wonder what are the security risks of leaving it right there?





Aucun commentaire:

Enregistrer un commentaire