-Ramon
On 27/10/2022 01:06, Grant Taylor wrote:
On 10/26/22 3:48 PM, Ramon Fischer wrote:I have created an issue at their Git repository. Maybe there will be solution for this:https://github.com/sudo-project/sudo/issues/190I ... don't know where to begin.There are so many ways that you can hurt yourself with syntactically valid sudoers that it's not even funny.You could allow list almost all commands, without using the special ALL place holder and then remark critical commands and end up in a very similar situation.At some point we have to trust that Systems Administrators / Sudoers editors know what they are doing and let them do so.
-- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_0x155BE26413E699BF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature