Annoying sudo change?
Peter Kim
orca.dw at gmail.com
Fri Dec 12 05:30:53 UTC 2008
Did you try sudo su -?
sudo su - is equivalent to su - which is a login shell.
On Fri, Dec 12, 2008 at 12:10 AM, Tom Horsley <tom.horsley at att.net> wrote:
> On Thu, 11 Dec 2008 23:56:17 -0500 (EST)
> Steven W. Orr wrote:
>
> > Let's say for arguments sake that you're correct. Regardless, what sort
> of
> > suggestion does anyone have to allow Tom to do what he wants? Yes he may
> > be doing it wrong, but right now he's not doing it at all.
>
> Actually, I just downloaded the source rpm and rebuilt with a different
> hard coded path that included /usr/local/bin, which was the main
> missing bit that caused me lots of grief.
>
> It does seem odd to me that it is essential for proper security to
> have sudo restrict the PATH to just /sbin:/bin:/usr/sbin:/usr/bin
> yet if I login as root, the PATH is:
>
>
> /usr/lib64/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/NX/bin:/root/bin
>
> Shouldn't proper security dictate that root's login PATH be just
> as restricted as sudo's built-in PATH? :-).
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines:
> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20081212/1ec4ecfb/attachment-0001.htm>
More information about the fedora-list
mailing list