environment variable is _\bn_\bo_\bt modified and is passed unchanged to the
program that s\bsu\bud\bdo\bo executes.
+ Users should not be granted s\bsu\bud\bdo\bo privileges to execute files that are
+ writable by the user or that reside in a directory that is writable by
+ the user. If the user can modify or replace the command there is no way
+ to limit what additional commands they can run. Likewise, users should
+ not be granted s\bsu\bud\bdo\boe\bed\bdi\bit\bt permission to edit a file that resides in a
+ directory the user has write access to. A user with directory write
+ access could replace the legitimate file with a link to some other,
+ arbitrary, file. Starting with version 1.8.15, s\bsu\bud\bdo\boe\bed\bdi\bit\bt will refuse to
+ open a symbolic link unless the security policy explicitly permits it.
+ However, it is still possible to create a hard link if the directory is
+ writable and the link target resides on the same file system.
+
Please note that s\bsu\bud\bdo\bo will normally only log the command it explicitly
runs. If a user runs a command such as sudo su or sudo sh, subsequent
commands run from that shell are not subject to s\bsu\bud\bdo\bo's security policy.
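Review bot: The last added sentence, "However, it is still possible to create a hard link ...", states the residual risk but stops short of telling the administrator what follows from it. Consider closing the paragraph by saying that the symbolic link check added in 1.8.15 does not make sudoedit safe for files in user-writable directories, so the recommendation in the preceding sentences still applies.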
file distributed with s\bsu\bud\bdo\bo or http://www.sudo.ws/license.html for
complete details.
-Sudo 1.8.15 August 6, 2015 Sudo 1.8.15
+Sudo 1.8.15 August 7, 2015 Sudo 1.8.15
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.TH "SUDO" "8" "August 6, 2015" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
+.TH "SUDO" "8" "August 7, 2015" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh
.if n .ad l
.SH "NAME"
\fBsudo\fR
executes.
.PP
+Users should not be granted
+\fBsudo\fR
+privileges to execute files that are writable by the user or
+that reside in a directory that is writable by the user.
+If the user can modify or replace the command there is no way
+to limit what additional commands they can run.
+Likewise, users should not be granted
+\fBsudoedit\fR
+permission to edit a file that resides in a directory the user has
+write access to.
+A user with directory write access could replace the legitimate
+file with a link to some other, arbitrary, file.
+Starting with version 1.8.15,
+\fBsudoedit\fR
+will refuse to open a symbolic link unless the security policy
+explicitly permits it.
+However, it is still possible to create a hard link if the directory
+is writable and the link target resides on the same file system.
+.PP
Please note that
\fBsudo\fR
will normally only log the command it explicitly runs.
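Review bot: In the added text, "unless the security policy explicitly permits it" does not say where that permission is configured. A cross-reference to the policy's own manual at that point would let a reader find the setting and check whether it has been enabled on their system.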
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd August 6, 2015
+.Dd August 7, 2015
.Dt SUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.Nm
executes.
.Pp
+Users should not be granted
+.Nm
+privileges to execute files that are writable by the user or
+that reside in a directory that is writable by the user.
+If the user can modify or replace the command there is no way
+to limit what additional commands they can run.
+Likewise, users should not be granted
+.Nm sudoedit
+permission to edit a file that resides in a directory the user has
+write access to.
+A user with directory write access could replace the legitimate
+file with a link to some other, arbitrary, file.
+Starting with version 1.8.15,
+.Nm sudoedit
+will refuse to open a symbolic link unless the security policy
+explicitly permits it.
+However, it is still possible to create a hard link if the directory
+is writable and the link target resides on the same file system.
+.Pp
Please note that
.Nm
will normally only log the command it explicitly runs.
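Review bot: "reside in a directory that is writable by the user" in the first added sentence covers only the immediate directory. A user with write access to an ancestor directory can typically rename an intermediate directory and put their own in its place, so the wording could be widened to something like "or whose path includes a directory writable by the user". The same applies to the sudoedit sentence a few lines further down, and any rewording has to be carried into the other copies of this paragraph in the patch.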