[sudo-users] path expansion

Aaron Spangler as at insight.rr.com
Sun Aug 1 23:19:50 EDT 2004


I tried the same test on sudo 1.5.1 (cu version, Sep 1996) and had the 
same results.

Apparently this has been the behavior for some time.

 - Aaron

Aaron Spangler wrote:

> This is what I found so far:  (Testing on Knoppix/Debian Linux using 
> latest Sudo)
>
> # cat /etc/sudoers
> user    ALL=(root) /bin/df
>
> user$ sudo /bin/df        #works
> user$ sudo df                #works since /bin is in path
> user$ cd /bin; sudo ./df    # fails even though it probably should not
>
> My theory is that things with a partial path are treated as a full 
> path and thus not matched.  This also should mean (horrifically) that 
> if, say, !/bin/sh is in /etc/sudoers and the person simply does cd /bin; 
> sudo ./sh, it would not prevent the user from getting a shell.
>
> # cat /etc/sudoers
> user   ALL=(root) ALL,!/bin/sh
>
> user$ sudo df                 #works as it should
> user$ sudo /bin/sh        # fails as it should
> user$ cd /bin; sudo ./sh        # OUCH -  works, though it should fail
>
> I'll try the same tests against a much older sudo.
>
> -Aaron
>
>
> Galen Johnson wrote:
>
>> Yes it does.  I thought that maybe it had to do with the path but 
>> even after I added it to my path I get the same thing.  Strange thing 
>> is it doesn't seem to be entirely consistent.  I mistakenly typed a 
>> cat command and it showed '/bin/cat /etc/sudoers' as not being 
>> allowed (at least the error expanded the path if nothing else).
>>
>> I verified this by
>>
>> cd /usr/local/sbin
>> sudo -u root ./visudo
>>
>> I'd be very surprised if this behavior was exhibited on a different 
>> OS (not HPUX IPF 11.23) but I can't check that at the moment.
>>
>> =G=
>>
>> -----Original Message-----
>> From: Todd C. Miller [mailto:Todd.Miller at courtesan.com]
>> Sent: Saturday, July 31, 2004 5:57 PM
>> To: Galen Johnson
>> Cc: sudo-users at sudo.ws
>> Subject: Re: [sudo-users] path expansion
>>
>> That's definitely unexpected behavior, if you can check whether
>> this happens with the release candidate that would be useful.
>>
>> - todd
>>
>> ____________________________________________________________ 
>> sudo-users mailing list <sudo-users at sudo.ws>
>> For list information, options, or to unsubscribe, visit:
>> http://www.sudo.ws/mailman/listinfo/sudo-users
>>  
>>

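An added example, not part of the original thread or of sudo itself: a minimal Python audit that flags sudoers rules of the kind quoted above, where commands are subtracted from ALL with "!", since such a rule only holds if every invocation matches the listed path exactly. The parser is a simplified assumption (no aliases, includes or escaped commas), and the sample policy is constructed, with its first two rules taken from the message.

```python
import re

# Constructed sample policy; the two "user" rules are the ones quoted in the thread.
SAMPLE_SUDOERS = """\
# constructed sample policy
user    ALL=(root) /bin/df
user    ALL=(root) ALL,!/bin/sh
ops     ALL=(root) NOPASSWD: ALL, \\
            !/usr/bin/passwd root
Defaults env_reset
"""

SKIP = ("Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")
# user  host = [(runas)] [TAG:] cmd, cmd, ...   (simplified grammar, an assumption)
SPEC = re.compile(r"^(?P<who>\S+)\s+(?P<host>[^=]+?)\s*=\s*(?P<rest>.+)$")

def logical_lines(text):
    """Join backslash-continued lines, then drop comments and blank lines."""
    joined = re.sub(r"\\\n\s*", " ", text)
    for raw in joined.splitlines():
        line = raw.split("#", 1)[0].strip()  # simplification: '#' starts a comment
        if line:
            yield line

def audit(text):
    """Return (user, [negated commands]) for each rule that subtracts from ALL."""
    findings = []
    for line in logical_lines(text):
        m = None if line.startswith(SKIP) else SPEC.match(line)
        if not m:
            continue
        rest = re.sub(r"^\([^)]*\)\s*", "", m["rest"])  # drop the Runas spec
        cmds = []
        for item in rest.split(","):
            # drop tags such as NOPASSWD: in front of a command
            cmds.append(re.sub(r"^(?:[A-Z]+:\s*)+", "", item.strip()))
        negated = [c[1:].strip() for c in cmds if c.startswith("!")]
        if "ALL" in cmds and negated:  # deny-list carved out of ALL
            findings.append((m["who"], negated))
    return findings

if __name__ == "__main__":
    for who, negated in audit(SAMPLE_SUDOERS):
        print(f"{who}: ALL with negated entries {negated}; list allowed commands instead")
```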