[PLUG] sudo to root question
Rogan Creswick
creswick at gmail.com
Fri Apr 25 20:39:49 UTC 2008
On Fri, Apr 25, 2008 at 11:34 AM, Wil Cooley <wcooley at nakedape.cc> wrote:
> Newer versions of sudo have a program and rule called 'sudoedit', which
> gets around the editor hole. It:
> 1. Makes a copy of the file to edit in /tmp
> 2. Runs $EDITOR on the file as the user
> 3. Copies the file in place when the editor exits
Beware -- sudoedit doesn't seem to do any form of file locking, so the
last editor to exit gets the final say.
Does anyone know if/how sudo determines that a given comand is
actually the one that should be allowed? (Say I have root access to
ls, I add "." to my PATH, then create a copy of /bin/bash that's
called /tmp/ls, cd to /tmp and run 'sudo ls')
--Rogan
More information about the PLUG
mailing list