[ale] Sudo

[Jason Day]

On Wed, May 18, 2005 at 05:21:40PM -0400, Jim Popovitch wrote:
> Several times in the (still going)
> setuid/viral/malware/root/non-root/etc discussion people have mentioned
> using sudo.  One of the things I've always disliked about sudo is the
> need for me to have to preface some commands I want to run as su vs
> which I don't.  What I mean is as a user if I want to run "ifconfig eth
> mtu 1149", I need to acually run "sudo ifconfig eth0 mtu 1149", but if I
> want to just see what the MTU is for interface eth0 I don't need sudo.
> What I think would be neat is for bash (or other shells) to remember
> sudo commands that users run and to automatically invoke sudo the next
> time I run the command without it.  Knowing when to use sudo is not the
> issue here, having sudo know when it is needed is.  
> 
> A couple of questions:
> 
> 1) Why would this be good/bad?

Personally, I think this is a bad idea because it removes the extra step
needed to perform a priviliged action.  If you've configured sudo so
that you don't need to enter a password, then having the shell
automatically convert "commant" to "sudo command" is dangerous.  It's
equivalent to always running as root, which we all know I think is a bad
idea :)

> 2) Is this something bash completion could accomplish?

I don't think so.  But it might be possible to write a wrapper script
that takes user input, passes it to bash, then passes the bash output
back to the user.  For each user input command, if it starts with
'sudo', store the command in a hashtable.  If it doesn't start with
sudo, then see if the command is in the hashtable.  If it is, prepend
'sudo ' before passing it to bash.  I don't know how well that would
work with pipes though.

-- 
Jason Day                                       jasonday at
http://jasonday.home.att.net                    worldnet dot att dot net
 
"Of course I'm paranoid, everyone is trying to kill me."
    -- Weyoun-6, Star Trek: Deep Space 9