sudo sudo

mackay at mackay at
Fri Apr 6 09:38:43 EDT 2001

From: Scott D. MacKay

Yes, it does look like a configuration mistake but without any info, there
is no way of telling.
What do your rules look like?  If they are 'everything but the shells',
well, that is obviously your problem...
If that is the case (seems like a fit for the symptoms), I would suggest
you change your philosophy to one more aligned with firewalls "That which
is not explicitly allowed is denied".  work your rules to indicate what is
allowed, not what is not allowed.


mikecc <mikecc at> on 04/06/2001 09:05:25 AM

To:   sudo-users at
cc:    (bcc: Scott D. MacKay/943904/EKC)
Subject:  sudo sudo

Users on our Solaris 2.7 servers are able to subvert sudo by executing sudo
via sudo.

For example a user can not do the following:
sudo /bin/ksh

But the same user can do this:
sudo sudo /bin/ksh

with that double sudo command the user successfully enters a ksh
environment as root.  Seems to me this is a configuration mistake but I can
not find it.

Mike Cerone, CISSP, CCNA
Ad Astra!

sudo-users mailing list <sudo-users at>
For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list