[sudo-users] sudo and friends

Stanley, Jon Jon.Stanley at savvis.net
Thu Jan 18 10:38:48 EST 2007

Almost right:

user	ALL=(root) <command>.

There is a problem with /usr/bin/vi, as it's trivial in vi to do a shell
escape and the user could do anything they wanted as root.  If you trust
the user with root, then that's not a huge problem. 

>-----Original Message-----
>From: sudo-users-bounces at courtesan.com 
>[mailto:sudo-users-bounces at courtesan.com] On Behalf Of jan kalcic
>Sent: Thursday, January 18, 2007 9:50 AM
>To: sudo-users at sudo.ws
>Subject: [sudo-users] sudo and friends
>Hi people,
>I need to give access to all files under /etc/samba/* to a user using
>sudo. I want him to be able to modify to all those files using vi and I
>also want him to use the script /etc/init.d/smbd and nmbd with option
>"status" only.
>user ALL=/usr/bin/vi /etc/samba/*
>user ALL=/etc/init.d/smbd status
>user ALL=/etc/init.d/nmbd status
>Is this configuration right or I've not understood nothing about sudo?
>sudo-users mailing list <sudo-users at sudo.ws>
>For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list