https://github.com/sudo-project/sudo/issues/190
-Ramon On 26/10/2022 21:28, Grant Taylor wrote:
On 10/26/22 12:22 PM, Neil Bothwick wrote:You need to be root to write to /etc/sudoers.d. If someone has that access, you are already doomed!And what happens if someone uses the existing root-via-sudo access to break sudo?You loose root-via-sudo access.Someone could become root, via sudo, edit the sudoers file without using visudo, introduce a syntax problem, thereby breaking sudo (fail secure).You could easily do this to yourself if you don't follow best practices.
-- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_0x155BE26413E699BF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
