[sudo-users] Root sudo privileges

Maarten de Vries maarten at de-vri.es
Tue Feb 23 03:49:23 MST 2016


On 23 February 2016 at 04:04, john william <jwk1986 at yahoo.com> wrote:

> How does preventing users from “chaining” sudo commands not provide
> additional security when it potentially prevents users from getting a root
> shell or executing other commands?
> The root account can use su -l <user> - c <command> vs using sudo


​If you don't allow a user to execute sudo as root there is no possibility
of chaining it in the first place.​

​If the user can execute arbitrary commands as root they might as well be
allowed to run sudo again.​

-- Maarten


More information about the sudo-users mailing list