On Fri, May 20, 2022, 7:28 PM David Wright <deb...@lionunicorn.co.uk> wrote:
> On Thu 19 May 2022 at 15:42:33 (-0500), Nicholas Geovanis wrote:
> > On Thu, May 19, 2022, 3:14 AM 황병희 <soyeo...@doraji.xyz> wrote:
> > > Tom Browder <tom.brow...@gmail.com> writes:
> > >
> > > > I need a special path setting for root after both "sudo" and "sudo
> > > > su." (...)
> > >
> > > Just you try like as "sudo su -". Sometimes i use it that way.
> > >
> >
> > When I need to use sudo or su to invoke executables, I fully qualify the
> > path to sudo and the path to that specific executable by using their full
> > path from /. And I often assign values to the important environment
> > variables at the beginning of that same command line. Like...
> >
> > joe="schmoe" slap="moe" /usr/bin/sudo ....
> >
> > The idea is to draw a line around that invocation by limiting what it
> > "knows".
>
> If you're running bash, then giving the full path for sudo will
> circumvent any aliases you've defined, and any other versions
> of sudo available from earlier in your $PATH, but there's not
> necessarily any security bonus. After Greg (2018):
>
Translation: There is no silver bullet that makes your system secure. There
are many steps large and small that make it incrementally more secure. Yes
that's true.
$ function /usr/bin/sudo { echo teehee; }
> $ /usr/bin/sudo whatever
> teehee
> $
>
> Cheers,
> David.
>
>
