sudo-users Digest, Vol 6, Issue 6

Molumuri, Janardhan mjanar at
Tue Jun 10 03:49:50 EDT 2003

>sudo -l output

    (root) ALL
    (root) !SHELLS


-----Original Message-----
From: mlh at [mailto:mlh at]
Sent: Tuesday, June 10, 2003 12:40 PM
To: Molumuri, Janardhan
Cc: 'sudo-users at'
Subject: Re: sudo-users Digest, Vol 6, Issue 6

On Tue, Jun 10, 2003 at 12:15:47PM +0530, Molumuri, Janardhan wrote:
> Hi Folks,
> Any body has any ideas for this ?
> >id
> uid=22353(test) gid=10(test)
> sudo sh
> Sorry, user test is not allowed to execute '/usr/bin/sh' as root
> >ln -s /usr/bin/sh ./test1
> >sudo ./test1
> # id
> uid=0(root) gid=0(root)

What does "sudo -l" show?

It would be nice for sudo to check the ownership
of the sudo'd program and it's parent director(y,ies)
before executing it, but it's probably a little 
difficult to do while avoiding races.  Also slow?

Perhaps this check could be done as one of the visudo
exit sanity checks.


More information about the sudo-users mailing list