[sudo-users] sudo -l semantics

Alec Leamas leamas.alec at gmail.com
Thu Jan 2 12:33:37 MST 2014

On 2014-01-02 20:04, Shawn McMahon wrote:
> On Thu, Jan 2, 2014 at 1:57 PM, Alec Leamas <leamas.alec at gmail.com> wrote:
>> On 2014-01-02 19:37, Shawn McMahon wrote:
>>> The problem is that your use case is an information leakage. It's also a
>>> malicious user's use case, and there's no way to detect whether it was a
>>> good guy doing it or a bad guy, much less an ostensible good guy doing it
>>> for bad reasons.
>> I just don't see this (that is not to say it isn't there...): What's the
>> difference between prompting for a password or directly return a "You need
>> a password to do this" from an information leak point of view?
> If you're prompted for a password, you don't know if you would have been
> allowed to do it or not, unless you type in that password. This ensures
> it's the human user who's asking the question, not some malicious process
> of which he's unaware.
> If you're told "you can't do that", then a malicious process can test for
> commands allowed quickly and efficiently, and make further decisions based
> on that information.
Yes, if you could apply this for different commands, and get a reply. I 
have not suggested this.  M y idea is rather about  the meta-question: 
"Am I allowed to ask?" and get an answer to that one without a prompt. 
It would fix my usecase,  and I'm to dumb to see the catch...


More information about the sudo-users mailing list