[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [LTP] What is "super"



On Mon, Mar 12, 2001 at 09:45:59PM +0100, Urban Widmark wrote:
> I put the full path in the sudoers file and then ran the script. I tested
> again now and it still works for me, so it's not that I did something
> special the first time.

Hmm, I'll have to tinker with it more.

> Btw, isn't it a bit dangerous to run without pathname, ie 'super foo' ?

super uses a restricted list of programs just like sudo does.  Unless
you do something wrong in /etc/super.tab, there isn't anything dangerous
about it.  I did notice that running "super foo" with foo listed in
/etc/super.tab, but not in your path works, which probably shouldn't.

> If I modify runalltest.sh to put my personal bin dir first, I can run
> whatever I want as foo with root permissions. In most cases this is a
> non-issue I guess, since the person running ltp is probably a developer on
> a single user machine. But still?

Did you actually do this?  I don't think it's possible, but I'll have to
try it out.  

-- 
Nate Straz                                              nstraz@sgi.com
sgi, inc                                           http://www.sgi.com/
Linux Test Project                    http://oss.sgi.com/projects/ltp/