how to prevent ./*
Martin Vazquez
mtrash1 at hotmail.com
Wed Nov 12 09:40:15 EST 2003
Thanks, however, sudoers' syntax won't let me do that.
>From: "Ladner, Eric (Eric.Ladner)" <Eric.Ladner at chevrontexaco.com>
>To: "Martin Vazquez" <mtrash1 at hotmail.com>, shadhanker at gmx.net,
>sudo-users at sudo.ws
>Subject: RE: how to prevent ./*
>Date: Wed, 12 Nov 2003 08:08:44 -0600
>
>
>How about just !XX?
>
>-----Original Message-----
>From: sudo-users-bounces at sudo.ws [mailto:sudo-users-bounces at sudo.ws] On
>Behalf Of Martin Vazquez
>Sent: Wednesday, November 12, 2003 6:31 AM
>To: shadhanker at gmx.net; sudo-users at sudo.ws
>Subject: Re: how to prevent ./*
>
>
>
>Hi Rahul,
>
>Thank you very much for your answer.
>Unfortunately, I did not express myself correctly in my initial mail.
>When I
>configure !/usr/bin/XX, then the users are still alowed to do sudo ./XX,
>
>because ./does not match with /usr/bin.
>
>Any further idea?
>
>Thanks again
>
>Martin
>
> >From: "Rahul" <shadhanker at gmx.net>
> >To: "Martin Vazquez" <mtrash1 at hotmail.com>,<sudo-users at sudo.ws>
> >Subject: Re: how to prevent ./*
> >Date: Wed, 12 Nov 2003 14:41:58 +0530
> >
> >Hello Martin,
> >
> >You can configure sudoers files with "!/usr/bin/XX
> >But make sure that the user(whose in the sudoers file) are using $ sudo
>
> >./XX [or] $ sudo /usr/bin/XX
> >
> >NOT just
> >
> >$./XX or
> >$/usr/bin/XX
> >
> >Hope this helps and let me how it works.
> >
> >Thanks and Regards,
> >-sadha
> >
> >
> > > Can anyone tell me how to configure sudoers in order to prevent
> > > someone
> >from
> > > doing ./* ?
> > > I am trying to prevent someone from executing a command XX, so I
> >configured
> > >
> > > !/usr/bin/XX
> > >
> > > but still that user can go and do cd /usr/bin, ./XX.
> > >
> > > I cannot seem to put ! ./XX in sudoers, I get a syntax error.
> > >
> > > Can anyone tell how to do it?
> > >
> > > By the way, is it possible to include subdirectories when putting
> >wildcards?
> > > For instance, I would like !/usr/* to prevent from doing everything
> >under
> > > /usr, including subdirectories. Any idea?
> > >
> > > Thanks a lot
> > >
> > > Martin
> > >
> > > _________________________________________________________________
> > > Protect your PC - get McAfee.com VirusScan Online
> > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> > >
> > > ____________________________________________________________
> > > sudo-users mailing list <sudo-users at sudo.ws>
> > > For list information, options, or to unsubscribe, visit:
> > > http://www.sudo.ws/mailman/listinfo/sudo-users
> > >
> >
> >
> >---
> >Outgoing mail is certified Virus Free.
> >Checked by AVG anti-virus system (http://www.grisoft.com).
> >Version: 6.0.534 / Virus Database: 329 - Release Date: 10/31/2003
> >
>
>_________________________________________________________________
>Great deals on high-speed Internet access as low as $26.95.
>https://broadband.msn.com (Prices may vary by service area.)
>
>____________________________________________________________
>sudo-users mailing list <sudo-users at sudo.ws>
>For list information, options, or to unsubscribe, visit:
>http://www.sudo.ws/mailman/listinfo/sudo-users
>
>
_________________________________________________________________
Is your computer infected with a virus? Find out with a FREE computer virus
scan from McAfee. Take the FreeScan now!
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
More information about the sudo-users
mailing list