Forum Discussion
Granting sudo permissions to DevOps Agent user
Hi, We're running an agent pool hosted in an Azure VMSS. Are there any serious security concerns with granting sudo rights for the user used to run the pipelines? Of course granting as few right...
I thought may focus on the risk of sudo rather:
Say an example, in case an attacker gains access to a user account with sudo privileges, potentially follow by running malicious commands with elevated privileges. In other words, sudo is useful but can be a security risk
That was my concern as well, I wanted to ask the community what the general consensus is, is it more of a "everyone does it, it's fine" or "you should only do this if it's absolutely necessary" situation