ubuntu-devel@lists.ubuntu.com
[Top] [All Lists]

Re: Misconfiguration of sudo is insecure (Was: Sudo even more secure)

Subject: Re: Misconfiguration of sudo is insecure Was: Sudo even more secure
From: Jens Bech Madsen
Date: Thu, 23 Mar 2006 06:54:41 +0100
ons, 22 03 2006 kl. 23:39 +0100, skrev Étienne Bersac:
> Hello,
> 
> A good solution should be to really become root when typing sudo -s.  
> This is sometimes very annoying that some .files of user's home  
> belong to root, because sudo -s keep using user's home as $HOME.

man sudo

-H  The -H (HOME) option sets the HOME environment variable to the
    homedir of the target user (root by default) as specified in
    passwd(5).  By default, sudo does not modify HOME (see set_home and
    always_set_home in sudoers(5)).


man sudoers

always_set_home
  If set, sudo will set the HOME environment variable to the home    
  directory of the target user (which is root unless the -u option is
  used).  This effectively means that the -H flag is always implied. 
  This flag is off by default.


I think it would be a mistake to change the defaults of sudo without
carefully considering what might break.


/Jens


--
ubuntu-devel mailing list
ubuntu-devel@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

<Prev in Thread] Current Thread [Next in Thread>