[sudo-users] Redirect permissions
rjh405 at gmail.com
Wed Oct 7 11:47:47 EDT 2009
Please pardon me if this is an ignorant question. Presumably if you execute
a fully-quoted command string in sudo and that string contains a redirect,
then the output will be able to overwrite a file that only allows root edit
E.g.: $ sudo 'cat /tmp/myfile.txt > /etc/passwd'
Is there a configuration option to prevent a user with sudo permissions from
doing this? I haven't been able to locate one.
More information about the sudo-users