> The focus of the article is "sudo access *only* to apt". When we talk > about unrestricted sudo access it doesn't even make sense to talk about > privilege escalation because unrestricted sudo is by design a privilege > escalation. Similarly, sudo access *only* to bash enables execution of loads of things. Hand-installing a user-provided deb could do things like put suid root binaries on the filesystem, too. Paul -- :wq