[sudo-users] (no subject)

Galen Johnson Galen.Johnson at sas.com
Fri Sep 24 09:13:20 EDT 2004

If you are using the latest version of sudo (it may even be possible with older versions but I'm not sure) you may be able to define the app in sudoers with NOEXEC...ie, NOEXEC:/bin/vi.  If your OS is one of the supported OSes, it should prevent apps from allowing a shell out.


-----Original Message-----
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Clift Robert T CONT DLVA
Sent: Friday, September 24, 2004 7:49 AM
To: 'sudo-users at sudo.ws'
Subject: [sudo-users] (no subject)

Within vi any user can shell out(i.e :!sh) and get a shell. If the user is
using sudo and vi a bogus file, they can shell out and have a root shell.
Any ideas on how to prevent this action. 

Tom Clift

sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list