[sudo-workers] How does one do a "sudo -l" for another user ...

Alek O. Komarnitsky (N-CSC) alek at ast.lmco.com
Tue Nov 9 11:48:33 EST 2004


I seem to recall this being discussed sometime earlier this year,
but can't seem to find it in the archives and/or a way to do it in
in the sudo manual ... but how do I find the "allowed/forbidden"
commands for another user. 

I.e. if I do a "sudo -l" it shows what "alek" can do.
But I want to see what commands that "fred" can do.

I suspect this may not be doable, since it's possibly
a security hole - i.e. a "normal" user should not be able
to see what type of sudo commands another user can do,
but assuming I have sudo=ALL, is there a way for me to
get that list?

I tried doing a "sudo -u fred sudo -l" ... but it correctly
prompts me for fred's password ... which I don't know and
don't want to know.

Yes, I can look IN the sudoers file (or ask the user to run it),
but is there any clever way of doing that via sudo itself as an admin.

Thanx,
alek



More information about the sudo-workers mailing list