Is my implementation/understanding of SUDO flawed?

[ian Laing]

Hi,

Quick reply Todd for a Sunday evening - is it you or an automated response?

Unfortunately this is the lesser of the 2 problems, though thanks for the
tip on with-secure-path.
I tend to download pre-built AIX sudo from Bull freeware site, hence the
downlevel code.
Reckon I'll have to get to grips with gcc and try and build it myself -
though since I'm downlevel on sudo the secure-path does the job just fine,
for the short-term, and can live in the sudoers file.

I still think sudo is giving me a false sense of security with regards to
some of the scripts I'm sudoing - no-one said sudo would protect me from
mis-administration though ;-(
Maybe someone's built a mod for cursory permission checking to stop someone
using sudo to execute a command which they have write access to, which
basically defeats one purpose of using sudo.

At worst I may write a wrapper for sudo, which to my mind is crazy, but at
least it may give me more peace of mind that anyone,
accidentally/deliberately, placing a command in the directory which has a
mode of 777 won't jeapordise the system.

Cheerio,
ian Laing

----- Original Message -----
From: "Todd C. Miller" <Todd.Miller at courtesan.com>
To: "ian Laing" <ian.laing at btinternet.com>
Cc: <sudo-users at sudo.ws>
Sent: Sunday, February 24, 2002 9:38 PM
Subject: Re: Is my implementation/understanding of SUDO flawed?


> In message <000701c1bd6d$5dfc8640$737c7ad5 at oemcomputer>
> so spake "ian Laing" (ian.laing):
>
> > 1) The start/stop scripts don't sanitise the PATH, so if an operator
starts
> > with a PATH containing
> > their personal home directory *first* then that is the PATH the scripts
use.
> > They can therefore subvert commands like echo with their own version and
> > Unix will run that.
> > Their own echo command can then simply contain a ksh to give them a root
> > shell.
>
> You can use the --with-secure-path configure option to hard-code a path.
>
>  - todd