From: Todd C. Miller Date: Sun, 23 Nov 1997 05:21:20 +0000 (+0000) Subject: talk about problem of ALL X-Git-Tag: SUDO_1_5_4~20 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=52fb34f9211e29b8c98e05dd80c42025db0a17ce;p=sudo talk about problem of ALL --- diff --git a/sudo.pod b/sudo.pod index e4fd3eb8c..55aa36f3b 100644 --- a/sudo.pod +++ b/sudo.pod @@ -13,7 +13,7 @@ B B<-V> | B<-h> | B<-l> | B<-v> | B<-k> | B<-s> | B<-H> | =head1 DESCRIPTION -B allows a permitted user to execute a I +B allows a permitted user to execute a I as the superuser (real and effective uid and gid are set to C<0> and root's group as set in the passwd file respectively). @@ -99,7 +99,7 @@ in passwd(5). =item -H The C<-H> (I) option sets the I environmental variable -to the homedir of the target user (root by default) as specified +to the homedir of the target user (root by default) as specified in passwd(5). =item -- @@ -215,8 +215,13 @@ with this program; if not, write to the Free Software Foundation, Inc., =head1 CAVEATS -There is no easy way to prevent a user from gaining a root shell if +There is no easy way to prevent a user from gaining a root shell if that user has access to commands allow shell escapes. + +If users have sudo ALL there is nothing to prevent them from creating +their own program that gives them a root shell regardless of any '!' +elements in the user specification. + Running shell scripts via B can expose the same kernel bugs that make setuid shell scripts unsafe on some operating systems.