Re: sudo and shell builtins
scripsit martin f krafft:
> also sprach Thanasis Kinias <tkinias@optimalco.com> [2002.08.03.0041 +0200]:
> > > When sudo finished, permissions will be dropped. what good is a shell
> > > that might have `pwd` set to a non-permitted resource, but not be able
> > > to do anything with it since it's administratively prohibited?
> >
> > I can do 'sudo ls', 'sudo tail _file_', etc.
>
> yup. but you can't do cd'ing as it changes the current shell, which
> doesn't have root privileges. ls'ing a dir is not a problem as it
> doesn't change the shell, just temporarily it gets a directory
> listing with root privs, then prints that, then it's over. a cd call
> leaves you in another directory. what if the root privileges allow the
> cd into a specific dir? if your regular privs don't allow a cd into
> that dir, you'll be left in that directory without rights.
What I meant was that even though I would be "left in that directory
without rights" I could still work there (ls, cat files, etc.) by using
sudo -- i.e., 'sudo ls' once I've gotten into the directory via 'sudo
foo', where 'foo' is my magic sudo'able 'cd'.
All this suggests to me that the original question -- whether it's
practical to avoid root shells totally -- is answered ;)
--
Thanasis Kinias
Web Developer, Information Technology
Graduate Student, Department of History
Arizona State University
Tempe, Arizona, U.S.A.
Ash nazg durbatul�k, ash nazg gimbatul,
Ash nazg thrakatul�k agh burzum-ishi krimpatul
Reply to: