[sudo-users] sudo from (CGI) scripts
Christoph Anton Mitterer
calestyo at scientia.net
Sun Jan 8 11:10:29 EST 2012
Hi.
sudo has already some nice options to have it run from (especially CGI)
scripts (i.e. -"n")... imagine it would accidentally try to read a
password and hang there for ever, allowing eventually a DoS attack via
the webserver.
What I miss is a functionally to override the output in case of _any_
error (especially when a user is simply denied to do anything,.. not
just because he entered a wrong password).
With CGI scripts this could be used to return some reasonable answer to
the httpd server, e.g. something like:
"Status: 403 Forbidden\n\n" (following printf(3) format strings).
Could something like this be added?
Cheers,
Chris.
More information about the sudo-users
mailing list