[sudo-users] (no subject)
Galen Johnson
Galen.Johnson at sas.com
Fri Sep 24 09:13:20 EDT 2004
If you are using the latest version of sudo (it may even be possible with older versions but I'm not sure) you may be able to define the app in sudoers with NOEXEC...ie, NOEXEC:/bin/vi. If your OS is one of the supported OSes, it should prevent apps from allowing a shell out.
=G=
-----Original Message-----
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Clift Robert T CONT DLVA
Sent: Friday, September 24, 2004 7:49 AM
To: 'sudo-users at sudo.ws'
Subject: [sudo-users] (no subject)
Within vi any user can shell out(i.e :!sh) and get a shell. If the user is
using sudo and vi a bogus file, they can shell out and have a root shell.
Any ideas on how to prevent this action.
Tom Clift
FTI/K55
540-653-8023
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list