[sudo-workers] sudo .ldaprc handling
Todd C. Miller
Todd.Miller at courtesan.com
Mon Dec 19 09:07:14 EST 2005
In message <20051219075920.GN4828 at sole.infis.univ.trieste.it>
so spake Andrea Barisani (lcars):
> Sudo is setuid and it runs as root, it's never meant to open any
> /home/$user/.ldaprc file in the first place and only root's one if any will
> be considered as expected. Am I missing something?
Yes, but the program sudo runs will *not* be setuid root. You still
need to prevent access of the .ldaprc from the spawned program.
- todd
More information about the sudo-workers
mailing list