Cmnd_Alias
Salum, Felipe
felipe.salum at eds.com
Wed Jun 5 08:52:56 EDT 2002
People,
If I have in my sudoers file the line
Cmnd_Alias TOOLS = /usr/local/*
Does it means that all directories below /usr/local will be included ?
Example: I need an user to execute commands in /usr/local/bin and
/usr/local/sbin but I DO NOT want to add both directories to sudoers, I
would like to add only /usr/local/*. Will it work ?
Thanks in advance,
Felipe
-----Original Message-----
From: Todd C. Miller [mailto:Todd.Miller at courtesan.com]
Sent: Friday, December 14, 2001 4:19 PM
To: bill at wards.net
Cc: Salum, Felipe; 'sudo-users at sudo.ws'
Subject: Re: Different log files in sudo?
In message <15386.16524.954292.319522 at komodo.home.wards.net>
so spake (bill):
> I suppose sudo could tee stdin/out/err to a file. Can that be
> defeated?
Probably. You can do the equivalen of dup(2) in the shell.
The real way to do this is to intercept execve(2) and do the
sudo checks there but that requires using ptrace(2) which
a) I've never used and b) which seems OS-specific.
It's something I'd like to look into some day but not right now...
- todd
More information about the sudo-users
mailing list