[sudo-users] Redirect permissions
Robert Hall
rjh405 at gmail.com
Wed Oct 7 11:47:47 EDT 2009
Please pardon me if this is an ignorant question. Presumably if you execute
a fully-quoted command string in sudo and that string contains a redirect,
then the output will be able to overwrite a file that only allows root edit
perms.
E.g.: $ sudo 'cat /tmp/myfile.txt > /etc/passwd'
Is there a configuration option to prevent a user with sudo permissions from
doing this? I haven't been able to locate one.
Thank you.
--
Bob
More information about the sudo-users
mailing list