30
shine
5y

Junior dev requests sudo access on a server instance for some package installation, gets it, figures out how to open the root shell - never goes back. They do everything on root.

Fast forward to production deployment time, their application won't run without elevated privileges. Sysadmin asks why the application requires elevated privileges. Dev answers, "Because I set it up with root" :facepalm:

Comments
  • 11
    Hmm, I think at first it's dumb to give some junior dev root access haha. Like what did you expect?
  • 3
    @Jifuna I know, right?! The sysadmin didn't have a choice. The developer's manager approved the access. And again, that was just sudo access to the developer's user account, not explicit root access.

    The developer was just wickedly smart (which the sysadmin didn't anticipate) to figure out the root shell with sudo access.
  • 4
    Create a ticket on the junior's manager regarding that app running as root is a security breach. And put someone security related in CC/as watcher.
    But... Why the heck did you agree to it? Even with the manager's permission? You should have allowed an explicit single command in the sudoers file, or installed the software for him.
  • 2
    @mt3o Eventually, yes, that happened. That application didn't go into production until the developer re-did the whole application to work without elevated privileges. Trust me, it was almost double the time they took to set it up on root.

    And yes, all of this happened on a single ticket. And when the "I set it up on root" thing happened, I made sure I cc'd the manager's manager and the CTO to the ticket.

    I know I was making a mistake when I gave the developer sudo access on their user account (especially when they were a junior developer), but I was busy in the middle of something at the time and that was the easier way out for me to get it done and over with and get on with whatever I was doing.
  • 1
    @shine Well, at least it's an opportunity to learn
  • 3
    @ralnivar Oh yes, definitely. Since then, I've said no when I had to. I realized that such blunders are bound to happen and then I'd be cc'ing the upper management and the CTO et al. In that case, I'd just cc them when the first command is given (approval from developer's manager) and then let them deal with it.

    NB: I had a similar issue later on and then I did this. It was the same manager and the level 2 manager. This time it was the developer asking for sudo access and not the manager. I cc'd the manager and the level 2 manager. The level-2 manager linked the previous ticket to the current one and just said "declined". Happy day!
  • 3
    Isn't getting to root shell from sudo easy as fuck?
    Especially if you copy and paste from stackoverflow.

    I would say the jr dev is jr stupid, not wicked smart.

    Also, I have set up things with root, it is not hard to give proper privileges to apps.

    Once I asked for access to a server, I got root shell... I used it to create a user for myself with sudo.
  • 3
    @mundo03 when I said the developer was wicked smart, that was sarcasm. Unfortunately, you didn't get it since I had to explicitly say it for you now.

    Yes, you're right, getting root access from sudo is pretty easy if you do one easy web search.

    That was my point. The developer was dumb enough to do that but not smart enough to do anything like you said - assign proper privileges to his application.

    He wouldn't have the sense to do it if he already had root access right? He's on god-mode, why would he want to downgrade privileges from there? Only he didn't know that applications don't get god-mode, ever.

    Regarding own user account, he already had his own user account (that's where he escalated into root right?), so he didn't need that.
  • 1
    @mundo03 getting root with sudo is NOT easy if you know how to use it properly. Sudo can be restricted to only some commands, excluding bash/sh.
  • 0
    @mt3o You're right, but the mistake the sysadmin made was to add the user to the sudo group.

    The sysadmin knew that the user could be restricted to specific binaries on the system, but they were in the middle of something else and wanted to get the developer off their backs and took the easy route out.
  • 1
    @shine you know sarcasm is a body language thing more than verbal, hence it mostly doesn't work when written, especially when the people communicating don't know each other.

    We both must be wicked smart.
  • 1
    @mt3o so the fault is on the sys admin
  • 0
    Well, if there was someone to blame, yes, it would be the sysadmin. They didn't put the right safeguards in place before giving someone elevated privileges, especially a junior developer.

    In their defense, I'd say that they at least prevented that application going into production the same way.
  • 0
    Why no SELinux?
  • 0
    @gitversion I wish. I've only heard of SELinux (and its power). I haven't gotten around to learning how to use it.
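
The thread contrasts adding a user to the sudo group with allowing a single explicit command in the sudoers file. The sketch below is an added example, not part of the original thread: a simplified audit of sudoers-style rules that flags any entry granting `ALL` or a shell. The sample entries, user names and the `audit` helper are constructed for illustration, and the parser ignores aliases, includes and escaped commas.

```python
import re

# Binaries that hand back an interactive root shell when allowed via sudo.
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "su"}
# Simplified rule shape: user-or-%group  host = (runas) command-list
RULE = re.compile(
    r"^(?P<who>\S+)\s+(?P<host>\S+?)\s*=\s*(?:\([^)]*\)\s*)?(?P<cmds>.+)$"
)
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")  # NOPASSWD:, NOEXEC:, ...
SKIP = ("#", "@", "Defaults", "User_Alias", "Runas_Alias",
        "Host_Alias", "Cmnd_Alias")

# Constructed sample entries (hypothetical users, not taken from the thread).
SAMPLE = """\
# constructed sample sudoers entries
%sudo      ALL=(ALL:ALL) ALL
juniordev  ALL=(root) /usr/bin/apt-get install nginx
deploy     ALL=(root) NOPASSWD: /bin/bash, /usr/bin/systemctl restart app
"""


def audit(text):
    """Return (line_no, who, command) for rules granting ALL or a shell."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(SKIP):
            continue  # comments, includes, Defaults and alias definitions
        m = RULE.match(line)
        if not m:
            continue
        for cmd in m["cmds"].split(","):
            cmd = TAGS.sub("", cmd.strip())
            if not cmd or cmd.startswith("!"):
                continue  # empty entry or an explicit deny
            binary = cmd.split()[0]
            if binary == "ALL" or binary.rsplit("/", 1)[-1] in SHELLS:
                findings.append((line_no, m["who"], binary))
    return findings


if __name__ == "__main__":
    for line_no, who, binary in audit(SAMPLE):
        print(f"line {line_no}: {who} may run {binary} as another user")
```

A clean result only means no rule names `ALL` or a shell directly; each remaining allowed command still needs review for whether it can itself start other programs as root.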