[sudo-users] Keep LD_LIBRAY_PATH

Scott R. Corzine scott.corzine at gnorth.com
Wed Nov 15 08:40:53 EST 2006


On 11/6/06, Huibert.Kivits at mail.ing.nl <Huibert.Kivits at mail.ing.nl> wrote:
> Someone over here came with an elegant solution. Commands or scripts
> that are susceptible to this behaviour are to be run through a wrapper script.
> In our case, /usr/bin/doit.
> People who need to run a specific sudo, are required to run it like this:
> sudo /usr/bin/doit <original command>
> Instead of just:
> sudo <original command>
>
> The code of the doit script is simply as follows:
>
> #!/bin/ksh
>
> # @(#)  doit 1.1 3/9/05
>
> export SHELL=/usr/bin/login
> $*

A quick suggestion:  When passing the arguments/command line from one
shell script or function to another use:  "$@" (including the double
quotes) rather than $* (or an unquoted $@).  This will greatly improve
handling of funny characters (include spaces for those unfortunate
enough to routinely have them in filenames like OSX users).  Otherwise
consider how your script would handle shell metacharacters...

There may be other issues with this script, I'm not awake enough yet
to have thought about it in depth.

-Scott-



More information about the sudo-users mailing list