Martin Pitt martin.pitt at
Fri Nov 25 04:59:08 CST 2005

Hi Carlos!

Carlos Ribeiro [2005-11-25  8:22 -0200]:
> My first guess was 'why not patch sudo for some extra option', but you're
> right, it would mess with someone's else code. 

I already did - I added the -t option to test whether a command can be
executed without actually doing it.

> But - is there any reason why a simple tool to parse /etc/sudoers
> would not work? It would replicate some of the work that sudo
> already does, but I assume that the format of the file is pretty
> stable.

Yes, /etc/sudoers can only be read as root. So you need a suid root
program anyway, and sudo already has all the necessary parsing stuff
and is proven code. The -t patch is trivial and safe.


Martin Pitt
Ubuntu Developer
Debian Developer

In a world without walls and fences, who needs Windows and Gates?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :

More information about the ubuntu-devel mailing list