[sudo-users] Redirect permissions
Todd C. Miller
Todd.Miller at courtesan.com
Wed Oct 7 12:38:50 EDT 2009
In message <da64b8ba0910070847h326e9e67k507842256daa011d at mail.gmail.com>
so spake Robert Hall (rjh405):
> Please pardon me if this is an ignorant question. Presumably if you execute
> a fully-quoted command string in sudo and that string contains a redirect,
> then the output will be able to overwrite a file that only allows root edit
> E.g.: $ sudo 'cat /tmp/myfile.txt > /etc/passwd'
> Is there a configuration option to prevent a user with sudo permissions from
> doing this? I haven't been able to locate one.
Redirection like this is handled by the shell before sudo is even
executed. If you wrap the command in a shell it will work, e.g.
$ sudo sh -c 'cat /tmp/myfile.txt > /etc/passwd'
But then of course the user must have access to run /bin/sh.
More information about the sudo-users