On 26 September 2014 12:08, Russ Allbery <[email protected]> wrote:
>
> > brian@aquitard:~$ sudo echo='() { /bin/echo bar; }' bash
> > root@aquitard:/home/brian# echo hello
> > bar
>
> I think you have that backwards, don't you? Shouldn't that be:
>
> echo='() { /bin/echo bar; }' sudo bash
>
I think sudo treats both as the same/similar thing.
However, just edited /etc/sudoers and replaced:
%sudo ALL=(ALL:ALL) ALL
with:
%sudo ALL = (ALL:ALL) /home/brian/test.sh
i.e. lets me run only that specific command, and now sudo does sanitize the
environment:
brian@aquitard:~$ sudo echo='() { /bin/echo bar; id; }' ./test.sh
sudo: sorry, you are not allowed to set the following environment
variables: echo
sudo should stop you from doing things like this unless you've explicitly
> told sudo to allow the client to set any environment variable.
>
Seems to be it is disabled if you allow the client to run any command too.
However, forget my concern for sudo, it doesn't exist.
--
Brian May <[email protected]>
