>>>>> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes:
Ethan> or even seemingly innocuous things like less or even cat.

Less is a problem, yes, as is anything else with a shell escape.

Ethan> sudo less anything !/bin/sh whoami r00t!

Ethan> echo me ALL=ALL > s sudo 'cat s >> /etc/sudoers'

Doesn't work. The >> is a shell redirection, but sudo doesn't
evaluate in a shell.

$ echo me ALL=ALL > s
$ cat s
me ALL=ALL
$ sudo 'cat s > foo'
sudo: cat s > foo: command not found
$ sudo cat s \> foo
me ALL=ALL
cat: >: No such file or directory
cat: foo: No such file or directory

I would be very shocked if you could compromise a system with a
sudoers entry of:

me hostname = (root) /bin/cat

Ethan> sudo is a very large cannon which is difficult to keep aimed
Ethan> away from the foot...

That it is. But then, the root password is basically a very large
cannon built into your shoe.

-Eric
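
An added example, not part of the original message: a small Python audit that flags sudoers rules granting a program with a shell escape (the less case discussed above) unless the sudoers NOEXEC tag applies, and rules that grant ALL. The program list, the sample rules other than the two "me" rules quoted in the thread, and the simplified one-line parsing are assumptions.

```python
import re

# Assumption: a short, non-exhaustive list of programs with a shell escape.
SHELL_ESCAPE = {"less", "more", "vi", "vim", "view", "man", "ftp", "ed"}

# Constructed sample in simplified one-line sudoers syntax (no aliases, no
# line continuations). The two "me" rules are the ones quoted in the thread.
SAMPLE = """\
me     hostname = (root) /bin/cat
me     ALL=ALL
alice  ALL = (root) /usr/bin/less /var/log/syslog
bob    ALL = (root) NOEXEC: /usr/bin/less /var/log/syslog
dave   ALL = (root) /usr/bin/vi /etc/hosts, /bin/cat /etc/motd
"""

RULE = re.compile(r"^(\S+)\s+(\S+)\s*=\s*(?:\([^)]*\)\s*)?(.*)$")
TAG = re.compile(r"([A-Z_]+):\s*")

def audit(text):
    """Return (user, command, reason) for rules that can hand out a root shell."""
    findings = []
    for line in text.splitlines():
        m = RULE.match(line.split("#", 1)[0].strip())
        if not m:
            continue
        user, _host, cmds = m.groups()
        noexec = False
        for cmd in (c.strip() for c in cmds.split(",")):
            # A tag prefixes a command and is inherited by the commands after
            # it until the opposite tag appears (NOEXEC / EXEC).
            while (t := TAG.match(cmd)):
                if t.group(1) in ("NOEXEC", "EXEC"):
                    noexec = t.group(1) == "NOEXEC"
                cmd = cmd[t.end():]
            if not cmd:
                continue
            prog = cmd.split()[0]
            if prog == "ALL":
                findings.append((user, cmd, "unrestricted"))
            elif prog.rsplit("/", 1)[-1] in SHELL_ESCAPE and not noexec:
                findings.append((user, cmd, "shell escape"))
    return findings

if __name__ == "__main__":
    for user, cmd, reason in audit(SAMPLE):
        print(f"{user}: {cmd} ({reason})")
```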