James Carlson wrote: > Darren J Moffat writes: >> Garrett D'Amore wrote: >>> Finally, how will an unconfigured sudo installation behave? (More to >> The default case isn't actually unconfigured. This case ships the >> default /etc/sudoers file (in the materials dir). >> >> The default sudoers file only allows root to use sudo. > > Possibly dumb question time: is that safe? What if root's privileges > are configured to be less than "everything?"
I don't believe we actually support such a configuration, I'm not even sure if the system works properly I know that Glenn Faden did do some investigation of this but I don't know the final outcome. I'll ask him to comment. > Won't installation of > this package (by way of its setuid bit on sudo and its default > configuration) then allow the previously-restricted root user to gain > privileges by default? To do this you would set the limitpriv set for root (modulo the above comment), if you didn't then you haven't actually restricted the set of privielges the root user could gain by running setuid programs anyway. The limit set is enforced even over setuid - that is after all the point of it - as is documented in user_attr(4) and privileges(5). So yes it is safe. -- Darren J Moffat
