[sudo-users] Grant permission by "digest" only?
A. James Lewis
james at fsck.co.uk
Fri Feb 28 13:05:10 MST 2020
I would like to allow "sudo" to grant access to /any/ binary that
matches the specified digest/checksum, or at least a given filename in
any path location.... Reading the manual for sudo it appears to suggest
that "*" matches 0 or more character, so I would hope I could match /*
and specify a digest.
The problem is that * seems to match any character except "/", so I can
only specify "any binary" at a specific depth in the filesystem. Is
there some way to achieve this, or some security reason I shouldn't want
to that I might have missed?
How would I achieve this?
ค. ﻝค๓єร ɭєฬเร (james at fsck.co.uk)
"Engineering does not require science. Science helps a lot but people
built perfectly good brick walls long before they knew why cement works."
More information about the sudo-users