Sudo conundrum

Todd C. Miller Todd.Miller at
Sat Mar 15 19:56:54 EST 2003

In message <75014BFE3D0905438C4B6EF4C49E5FC6CA363E at>
	so spake "Monappallil, George" (George.Monappallil):

> As you can see I have tried to restrict the users under DEV to use commands
> listed under command alias TS and not use commands listed under NOTS.
> However, the interesting part is that, when I log in as a user that is
> listed under DEV (for example "robs") I can run any command, even those that
> are not listed under TS if I don't precede the command with "sudo". Example:
> User robs# mount /u01
> As you can see, I haven't used "sudo" to precede the command above. Is this
> a loophole ?

If you don't prefix the command with sudo then you won't have
any additional rights or privileges.  However, based on your prompt
it looks like you are already root when you are doing your tests,
so of course you can do rootly things like "mount /u01".

 - todd

More information about the sudo-users mailing list