[sudo-users] (no subject)
Galen.Johnson at sas.com
Fri Sep 24 09:13:20 EDT 2004
If you are using the latest version of sudo (it may even be possible with older versions but I'm not sure) you may be able to define the app in sudoers with NOEXEC...ie, NOEXEC:/bin/vi. If your OS is one of the supported OSes, it should prevent apps from allowing a shell out.
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Clift Robert T CONT DLVA
Sent: Friday, September 24, 2004 7:49 AM
To: 'sudo-users at sudo.ws'
Subject: [sudo-users] (no subject)
Within vi any user can shell out(i.e :!sh) and get a shell. If the user is
using sudo and vi a bogus file, they can shell out and have a root shell.
Any ideas on how to prevent this action.
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
More information about the sudo-users