[sudo-users] Re: restrict passwd command

Russell Van Tassell russell+sudo-users at loosenut.com
Tue Nov 22 13:08:06 EST 2005

On Tue, Nov 22, 2005 at 11:59:57AM -0600, Mark F wrote:
> Ladner, Eric (Eric.Ladner) wrote:
> >You might be better off just leaving the suid bit on the passwd command.
> >
> >I don't think the sudoers file macros and wildcarding can do that type
> >of substitution.
> What about a wrapper script that uses $SUDO_USER ?

Then you have to contend with users that do stuff like:

	setenv SUDO_USER mfaine
	sudo passwd mfaine

...or similar.

Russell M. Van Tassell
russell at loosenut.com

 "That married couples can live together day after day is a miracle that
  the Vatican has overlooked.                              -- Bill Cosby

More information about the sudo-users mailing list