[sudo-users] Letting just selected environment variables through
R. Diez
rdiezmail-temp2 at yahoo.de
Mon Jul 31 05:24:14 MDT 2017
Hi all:
I have written a shell script to help me mount Windows shares, it's here:
https://github.com/rdiez/Tools/blob/master/MountWindowsShares/mount-windows-shares-sudo.sh
It's just a fancy wrapper for "sudo mount -t cifs". The script obtains the password once, and uses the same password for all 'mount' invocations.
I do not want to pass the password as a command-line argument anymore, because that is insecure, as all users can see the command lines of all processes currently running on the Linux PC . If you look at the man page for "mount.cifs" , you'll see that one can use environment variables PASSWD or PASSWD_FILE for that purpose.
The trouble is, sudo filters most environment variables out. I could use sudo's "--preserve-env", but that passes all of them, which may increase the attack surface (or even not be allowed). I could use sudo's VAR=VALUE syntax, but that would obviously defeat the whole purpose, as those command-line arguments with the login credentials would also be visible to all users.
I think sudo should provide a command-line argument to specify which environment variables to let through, so that you do not need to expose their contents in the command line, or let them all through.
Please copy me on any answers, as I am not subscribed to this mailing list.
Regards, rdiez
More information about the sudo-users
mailing list