Is my implementation/understanding of SUDO flawed?
April.Woo at spirentcom.com
Mon Feb 25 13:04:43 EST 2002
I think you can also use restricted shell along with sudo.
> -----Original Message-----
> From: Jeff Kennedy [SMTP:jlkennedy at amcc.com]
> Sent: Monday, February 25, 2002 9:21 AM
> To: ian Laing
> Cc: Todd C. Miller; sudo-users at sudo.ws
> Subject: Re: Is my implementation/understanding of SUDO flawed?
> I'm thinking that you're asking for capabilities that sudo was never
> meant to handle outside of the path issue. The way I would tackle this
> is go through the initial pain to check all the scripts and
> permissions, then setup tripwire to catch any changes to said scripts.
> ian Laing wrote:
> > Hi,
> > Quick reply Todd for a Sunday evening - is it you or an automated
> > Unfortunately this is the lesser of the 2 problems, though thanks for
> > tip on with-secure-path.
> > I tend to download pre-built AIX sudo from Bull freeware site, hence the
> > downlevel code.
> > Reckon I'll have to get to grips with gcc and try and build it myself -
> > though since I'm downlevel on sudo the secure-path does the job just
> > for the short-term, and can live in the sudoers file.
> > I still think sudo is giving me a false sense of security with regards
> > some of the scripts I'm sudoing - no-one said sudo would protect me from
> > mis-administration though ;-(
> > Maybe someone's built a mod for cursory permission checking to stop
> > using sudo to execute a command which they have write access to, which
> > basically defeats one purpose of using sudo.
> > At worst I may write a wrapper for sudo, which to my mind is crazy, but
> > least it may give me more peace of mind that anyone,
> > accidentally/deliberately, placing a command in the directory which has
> > mode of 777 won't jeapordise the system.
> > Cheerio,
> > ian Laing
> > ----- Original Message -----
> > From: "Todd C. Miller" <Todd.Miller at courtesan.com>
> > To: "ian Laing" <ian.laing at btinternet.com>
> > Cc: <sudo-users at sudo.ws>
> > Sent: Sunday, February 24, 2002 9:38 PM
> > Subject: Re: Is my implementation/understanding of SUDO flawed?
> > > In message <000701c1bd6d$5dfc8640$737c7ad5 at oemcomputer>
> > > so spake "ian Laing" (ian.laing):
> > >
> > > > 1) The start/stop scripts don't sanitise the PATH, so if an operator
> > starts
> > > > with a PATH containing
> > > > their personal home directory *first* then that is the PATH the
> > use.
> > > > They can therefore subvert commands like echo with their own version
> > > > Unix will run that.
> > > > Their own echo command can then simply contain a ksh to give them a
> > > > shell.
> > >
> > > You can use the --with-secure-path configure option to hard-code a
> > >
> > > - todd
> > ____________________________________________________________
> > sudo-users mailing list <sudo-users at sudo.ws>
> > For list information, options, or to unsubscribe, visit:
> > http://www.sudo.ws/mailman/listinfo/sudo-users
> Jeff Kennedy
> Unix Administrator
> jlkennedy at amcc.com
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
More information about the sudo-users