[sudo-workers] sudo -e authorization problem ?

Christian.Schmid at snb.ch Christian.Schmid at snb.ch
Mon Jul 5 08:19:31 EDT 2004


I compiled sudo 1.6.8rc1 as followed:

./configure --with-SecurID=/<pathto>/examples --with-logging=syslog 
--with-loglen=0 --with-secure-path --with-logfac=auth
make install

Sudo is working fine. However, when I call sudo with the -e option it 
seems that any user mentioned in
the sudoers file can edit whatever file. Even if not defined in the 
sudoers file.

I added for example following entry for user kess in /etc/sudoers:

kess            ALL=NOPASSWD:/usr/sbin/bootinfo

After this change I could execute the bootinfo command with user kess. No 
other command
could be executed by kess. BUT: If I do a sudo -e I can change whatever 
file with kess as root

Any idea ?



This message is for information purposes only. It may not be secure or
error-free. The Swiss National Bank does not accept legal responsibility for
any consequences resulting from e-mail use.

More information about the sudo-workers mailing list