sudo-users Digest, Vol 6, Issue 6

mlh at mlh at
Tue Jun 10 03:09:49 EDT 2003

On Tue, Jun 10, 2003 at 12:15:47PM +0530, Molumuri, Janardhan wrote:
> Hi Folks,
> Any body has any ideas for this ?
> >id
> uid=22353(test) gid=10(test)
> sudo sh
> Sorry, user test is not allowed to execute '/usr/bin/sh' as root
> >ln -s /usr/bin/sh ./test1
> >sudo ./test1
> # id
> uid=0(root) gid=0(root)

What does "sudo -l" show?

It would be nice for sudo to check the ownership
of the sudo'd program and it's parent director(y,ies)
before executing it, but it's probably a little 
difficult to do while avoiding races.  Also slow?

Perhaps this check could be done as one of the visudo
exit sanity checks.


More information about the sudo-users mailing list