[ale] Sudo

Jim Popovitch jimpop at yahoo.com
Wed May 18 20:56:34 EDT 2005


On Wed, 2005-05-18 at 20:25 -0400, Stephen Cristol wrote:
> On May 18, 2005, at 5:21 PM, Jim Popovitch wrote:
> > What I think would be neat is for bash (or other shells) to remember
> > sudo commands that users run and to automatically invoke sudo the next
> > time I run the command without it.  Knowing when to use sudo is not the
> > issue here, having sudo know when it is needed is.
> >
> > 1) Why would this be good/bad?
> 
> One way this could be bad is that some commands offer different 
> capabilities to root and non-privileged users. A shell cannot predict 
> with certainty whether it should request a privilege escalation or not 
> in such a situation.

One thing that may not be clear is that I am talking about matching the
exact command line so "sudo ifconfig eth0" would be different than
"ifconfig eth1".  There are several commands that I repeatedly run using
sudo, so if the shell supported remembering them, the next time I ran
them it is ok to assume I meant to use sudo even if I didn't explicitly
specify it.  Just to be clear, this is workstation/desktop func, not
server stuff.

> Consider the "unlink" command. This will fail if a non-privileged user 
> tries to remove a non-empty directory. If root gives the same command, 
> it is likely to succeed. What I've read on the subject suggests this 
> can seriously damage a file system.
> 
> What should the shell do when you try to unlink a non-empty directory?

The normal thing: complain.  ;-)  If I had previously saved "sudo rm
-rf /tmp/*" then the next time (as a user) that I ran "rm -rf /tmp/*" it
would use sudo automatically.  This in no way implies that there is no
need for a passwd prompt, that is left up to /etc/sudoers.

Thanks,

-Jim P.






More information about the Ale mailing list