On Thursday 15 April 2004 20.28, Phil Mocek wrote:
I think it goes without saying that you should never have a user writable directory in your path when you run things as root.
Really? So when you give sudo privileges to a user, including yourself, just how do you guarantee that the user will change his path before every use of sudo?
configure option --with-secure-path --with-secure-path[=PATH] Path used for every command run from sudo(8). If you don't trust the people running sudo to have a sane PATH environment variable you may want to use this. Another use is if you want to have the "root path" be separate from the "user path." You will need to customize the path for your site. NOTE: this is not applied to users in the group specified by --with-exemptgroup. If you do not specify a path, "/bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc" is used. I'm pretty sure there's a way to do it with pam as well