[sudo-workers] sudo .ldaprc handling

Todd C. Miller Todd.Miller at courtesan.com
Mon Dec 19 09:07:14 EST 2005

In message <20051219075920.GN4828 at sole.infis.univ.trieste.it>
	so spake Andrea Barisani (lcars):

> Sudo is setuid and it runs as root, it's never meant to open any
> /home/$user/.ldaprc file in the first place and only root's one if any will 
> be considered as expected. Am I missing something?

Yes, but the program sudo runs will *not* be setuid root.  You still
need to prevent access of the .ldaprc from the spawned program.

 - todd

More information about the sudo-workers mailing list