[sudo-users] enforcing "sudo -i"

Grant Taylor gtaylor at tnetconsulting.net
Fri Aug 9 10:44:26 MDT 2019

On 8/9/19 6:11 AM, Shawn McMahon wrote:
> Lose the ability to have accounts with  /bin/false as the shell that 
> can run commands using sudo, but never get a shell. sudo -i will just 
> "exit 1" with those.



So there would need to be some intelligence to it.

  · Intelligently handle non-shells
  · Intelligently handle other incompatible flags, e.g. -l  (Credit to 
Mihai M.)

Grant. . . .
unix || die

More information about the sudo-users mailing list