sudo-users Digest, Vol 6, Issue 6
mlh at zipworld.com.au
mlh at zipworld.com.au
Tue Jun 10 03:09:49 EDT 2003
On Tue, Jun 10, 2003 at 12:15:47PM +0530, Molumuri, Janardhan wrote:
> Hi Folks,
>
> Any body has any ideas for this ?
>
> >id
> uid=22353(test) gid=10(test)
> sudo sh
> Sorry, user test is not allowed to execute '/usr/bin/sh' as root
> >ln -s /usr/bin/sh ./test1
> >sudo ./test1
> # id
> uid=0(root) gid=0(root)
What does "sudo -l" show?
It would be nice for sudo to check the ownership
of the sudo'd program and it's parent director(y,ies)
before executing it, but it's probably a little
difficult to do while avoiding races. Also slow?
Perhaps this check could be done as one of the visudo
exit sanity checks.
Matt
More information about the sudo-users
mailing list