this prevents users from "chaining" s\bsu\bud\bdo\bo commands to
get a root shell by doing something like "sudo sudo
/bin/sh". Note, however, that turning off _\br_\bo_\bo_\bt_\b__\bs_\bu_\bd_\bo
- will also prevent root and from running s\bsu\bud\bdo\boe\bed\bdi\bit\bt.
+ will also prevent root from running s\bsu\bud\bdo\boe\bed\bdi\bit\bt.
Disabling _\br_\bo_\bo_\bt_\b__\bs_\bu_\bd_\bo provides no real additional
security; it exists purely for historical reasons.
This flag is _\bo_\bn by default.
If set, root is allowed to run \fBsudo\fR too. Disabling this prevents users
from \*(L"chaining\*(R" \fBsudo\fR commands to get a root shell by doing something
like \f(CW"sudo sudo /bin/sh"\fR. Note, however, that turning off \fIroot_sudo\fR
-will also prevent root and from running \fBsudoedit\fR.
+will also prevent root from running \fBsudoedit\fR.
Disabling \fIroot_sudo\fR provides no real additional security; it
exists purely for historical reasons.
This flag is \fI@root_sudo@\fR by default.
If set, root is allowed to run B<sudo> too. Disabling this prevents users
from "chaining" B<sudo> commands to get a root shell by doing something
like C<"sudo sudo /bin/sh">. Note, however, that turning off I<root_sudo>
-will also prevent root and from running B<sudoedit>.
+will also prevent root from running B<sudoedit>.
Disabling I<root_sudo> provides no real additional security; it
exists purely for historical reasons.
This flag is I<@root_sudo@> by default.
projects / sudo / commitdiff