Disturbing messages from visudo

Benjamin Goldsteen ben at inka.mssm.edu
Sun Jun 4 18:11:04 EDT 2000

I am configuring sudo on an SGI IRIX 6.5 system and I am getting error
messages that lead me to believe that the internal Editor variable is
being overwritten.  This isn't necessarily a security problem in that
visudo isn't normally run setuid, but it somewhat disturbing.

I run visudo to create a file such as:

# This file MUST be edited with the 'visudo' command as root.
# See the sudoers man page for the details on how to write a sudoers

# Host alias specification
# User alias specification
# Cmnd alias specification
Cmnd_Alias APACHECTL=/etc/init.d/apache
# User privilege specification
root    ALL=(ALL) ALL
local   yellow2=APACHECTL stop, /etc/init.d/apache start,
/etc/init.d/apache graceful, /etc/init.d/apache restart

When I try to save it, I get this error:
>>> sudoers file: syntax error, line 13 <<<

When I try to edit the erronious file, I get this:
What now? e
sh: Cmnd_Alias:  not found
/usr/global/sudo/sbin.mips/visudo: Editor (Cmnd_Alias) failed with exit
status 32512, /usr/global/sudo/etc/sudoers unchanged.

I've done a little debugging and it seems somewhat the internal variable
"Editor" becomes overwritten during execution.  This error occurs
regardless of whether or not the UNIX environment variable "EDITOR" is


Benjamin Z. Goldsteen
Physiology & Biophysics
Mount Sinai School of Medicine
212-241-1614 / 212-860-3369 (FAX)

More information about the sudo-users mailing list