cross-platform virus
Jan Claeys
lists at janc.be
Sun Apr 9 15:38:45 BST 2006
Op zo, 09-04-2006 te 23:29 +1000, schreef Sasha Tsykin:
> Tristan Wibberley wrote:
> > Do not use sudo -s. use sudo -i. sudo -s should be removed or at the
> > least documented that it should never be used.
> >
> > sudo -s runs your own .bashrc as root - yet your .bashrc is writable by
> > your own user account - which could be compromised by a firefox flaw, or
> > a flaw in your email program, etc...
[...]
> Which is all very well and good, but if you are running a number of
> commands which all require root access, then it is a major pain to
> preface each command with sudo. [...]
$ man sudo
[...]
-i The -i (simulate initial login) option runs the shell specified in
the passwd(5) entry of the user that the command is being run as.
The command name argument given to the shell begins with a - to
tell the shell to run as a login shell. sudo attempts to change to
that user’s home directory before running the shell. It also ini‐
tializes the environment, leaving TERM unchanged, setting HOME,
SHELL, USER, LOGNAME, and PATH, and unsetting all other environment
variables. Note that because the shell to use is determined before
the sudoers file is parsed, a runas_default setting in sudoers will
specify the user to run the shell as but will not affect which
shell is actually run.
[...]
No need to preface every command with 'sudo'...
--
Jan Claeys
More information about the sounder
mailing list