RE: Sudo and Chown?

To: <debian-security@lists.debian.org>
Subject: RE: Sudo and Chown?
From: Anders Gjære <Anders@oslo.kvalito.no>
Date: Fri, 13 Jul 2001 10:52:09 +0200
Message-id: <[🔎] 010B55064719D511AEBD00500488036212F1B5@sekunda5.oslo.kvalito.no>

do sudo default allow the sudo-user to run every program, 
or just the program you spesify?

how will sudo work if you use the "time" command?

like "time vim /etc/passwd"


anders gjære
kvalito.no / concept.fr

-----Original Message-----
From: Michel Kaempf [mailto:maxx@via.ecp.fr]
Sent: 13. juli 2001 10:45
To: debian-security@lists.debian.org
Subject: Re: Sudo and Chown?


On Thu, Jul 12, 2001, Ethan Benson wrote:
> i am not certain that would solve it entirely though, how are you
> restricting them to only chown files in a certain directory?

Just an idea.. does your sudoers file protect you from attacks like the
one below?

sudo chown /place/chown/is/allowed/../../../../bin/sh

-- 
MaXX


--  
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Sudo and Chown?
  - From: "Martin F. Krafft" <madduck@madduck.net>
- Re: Sudo and Chown?
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: Sudo and Chown?
Next by Date: Re: Sudo and Chown?
Previous by thread: Re: Sudo and Chown?
Next by thread: Re: Sudo and Chown?
Index(es):
- Date
- Thread