[sudo-users] Sudo with PEP (Privilege Extension Prevention)

Todd C. Miller Todd.Miller at courtesan.com
Thu Nov 21 15:31:46 MST 2013


It sounds like your main concern is that sudo might run a program
or script that is writable by an unprivileged user, is that correct?
There's currently no way to require that commands be writable only by
root or the user the command is being run as, which sounds like
what you want.  I think you'd have to disallow group writability
too, as well as writability of the parent directory.

Sudo 1.8.7 and higher allow you to specify a SHA-2 digest for a
command which can prevent a modified program or script from being
run.  However, if the directory the command is located in is writable
by unprivileged users, there is a time of check vs. time of use
race condition.

 - todd
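
An added example, not part of the original message and not sudo's own code: a POSIX shell check an administrator could run before listing a command in sudoers. It applies the ownership and writability conditions described above to the command and its parent directory, and only then prints a SHA-256 digest in the `sha256:<hex> /path` form sudoers accepts. The function names are hypothetical, and `sha256sum` (GNU coreutils) is assumed to be installed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of sudo.

# unsafe_entry PATH RUNAS_UID
# Prints PATH if it is group- or other-writable, or owned by anyone other
# than root (uid 0) or RUNAS_UID. Prints nothing when PATH is acceptable.
# -prune stops find from descending when PATH is a directory.
unsafe_entry() {
    find "$1" -prune \( -perm -020 -o -perm -002 -o \
        \( ! -user 0 ! -user "$2" \) \) -print
}

# check_sudo_target CMD RUNAS_UID
# Returns 0 only if CMD and its parent directory both pass unsafe_entry.
# A writable parent directory lets the file be replaced after any digest
# check, which is the time-of-check vs. time-of-use race.
check_sudo_target() {
    cmd=$1
    runas=$2
    case $cmd in
        /*) ;;
        *) echo "need an absolute path: $cmd" >&2; return 2 ;;
    esac
    # A symlink's own mode bits say nothing; require the resolved file.
    if [ -L "$cmd" ] || [ ! -f "$cmd" ]; then
        echo "not a regular file: $cmd" >&2
        return 2
    fi
    bad=$(unsafe_entry "$cmd" "$runas"
          unsafe_entry "$(dirname "$cmd")" "$runas")
    if [ -n "$bad" ]; then
        echo "writable by, or owned by, an unprivileged user:" >&2
        echo "$bad" >&2
        return 1
    fi
}

# digest_spec CMD RUNAS_UID
# Prints "sha256:<hex> CMD" only when the permission check passes, since
# the digest gives no protection if the file can be swapped afterwards.
digest_spec() {
    check_sudo_target "$1" "$2" || return
    printf 'sha256:%s %s\n' "$(sha256sum "$1" | cut -d' ' -f1)" "$1"
}
```

Call it as `digest_spec /absolute/path/to/command "$(id -u targetuser)"`, where the path and user are placeholders; the check describes the state at the moment it runs, so it needs repeating whenever the command or its directory changes.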

