[sudo-users] sudo remove -s and -i option
Goodman Leung
gbcbooksmj at gmail.com
Tue Aug 22 00:49:33 MDT 2017
now , the only unsecurity thing left is "sudo su"
在 2017/8/22 14:46, Goodman Leung 写道:
> unalias command ? exmaple ?
>
> but any way , i modified the sudo source code and satisfied what i need.
>
> here is the solution
>
> vi ./src/parse_args.c
> change
> static const char short_opts[] =
> "+Aa:bC:c:D:Eeg:Hh::iKklnPp:r:SsT:t:U:u:Vv";
> to
> static const char short_opts[] =
> "+Aa:bC:c:D:Eeg:Hh::KklnPp:r:ST:t:U:u:Vv";
>
> the recompile the sudo ,
> you will find out , options -i and -s is invalid .
>
> 在 2017/8/22 11:34, jbhanusri sri 写道:
>> Hi,
>>
>> It would be good to hear the security reason for removing that.
>>
>> However if you want to remove you can use unalias command.
>>
>> Thanks and Regards,
>> Bhanusri
>>
>> On Mon, Aug 21, 2017 at 2:52 AM, Goodman Leung <gbcbooksmj at gmail.com
>> <mailto:gbcbooksmj at gmail.com>> wrote:
>>
>> Boxbe <https://www.boxbe.com/overview> This message is eligible
>> for Automatic Cleanup! (gbcbooksmj at gmail.com
>> <mailto:gbcbooksmj at gmail.com>) Add cleanup rule
>> <https://www.boxbe.com/popup?url=https%3A%2F%2Fwww.boxbe.com%2Fcleanup%3Fkey%3DKAd02kv2J9ujPuZzWtmW8su%252FekwUA7EShfCaimBCYTM%253D%26token%3DlILGcCfjFVmK85PVO93cC%252FGDppMdbPulIiTbos%252Bo4pLOMFwuOHY8a0XitwzpJ2vNfXn5jdbNVOyQhB7NFDY9eU3BL3jVPB0X%252FMFiN1fOJX8X2n2YhZTrBwK7mFcDrMJ%252BMSBCf5R%252FwrU%253D&tc_serial=32216663184&tc_rand=227992428&utm_source=stf&utm_medium=email&utm_campaign=ANNO_CLEANUP_ADD&utm_content=001>
>> | More info
>> <http://blog.boxbe.com/general/boxbe-automatic-cleanup?tc_serial=32216663184&tc_rand=227992428&utm_source=stf&utm_medium=email&utm_campaign=ANNO_CLEANUP_ADD&utm_content=001>
>>
>>
>> hi list
>>
>> for security policy , i need to remove sudo -s or -i option ,
>> i thinks i need to modify sudo source code , but before that ,
>> any suggtions ?
>> ____________________________________________________________
>> sudo-users mailing list <sudo-users at sudo.ws
>> <mailto:sudo-users at sudo.ws>>
>> For list information, options, or to unsubscribe, visit:
>> https://www.sudo.ws/mailman/listinfo/sudo-users
>> <https://www.sudo.ws/mailman/listinfo/sudo-users>
>>
>>
>
More information about the sudo-users
mailing list