Timeline for Do I need to specify the pathname of a command added in `/etc/sudoers`, every time I run it with `sudo`?
Current License: CC BY-SA 3.0
9 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 2, 2018 at 19:52 | comment | added | Rui F Ribeiro | Later on, busy with something else | |
| Apr 2, 2018 at 19:47 | comment | added | Tim | I was wondering if you are available to add more details? Thanks. | |
| Apr 2, 2018 at 0:49 | comment | added | Rui F Ribeiro | You use only for example, t ALL=(ALL) NOPASSWD: xxxx without any path and put in secure_path only /bin and /usr/bin (or add /opt/bin for instance). I am going off, might improve both answers tomorrow a bit, 2AM here in my timezone already. | |
| Apr 2, 2018 at 0:47 | comment | added | Tim | do you mean if pathname exists in /etc/sudoers, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"? | |
| Apr 2, 2018 at 0:42 | comment | added | Rui F Ribeiro | If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6 | |
| Apr 2, 2018 at 0:40 | comment | added | Tim | Do I need to specify pathname to the command, when I run it with sudo? | |
| Apr 2, 2018 at 0:37 | comment | added | Rui F Ribeiro | You do not use the full pathname, and configure a restricted Defaults secure_path; nonetheless defining the full path gives you an extra layer of security. | |
| Apr 2, 2018 at 0:33 | comment | added | Tim | Thanks. How do you achieve "not need per se to define the full pathname" in /etc/sudoers? My post is whether I need to specify pathname when running it with sudo. | |
| Apr 2, 2018 at 0:32 | history | answered | Rui F Ribeiro | CC BY-SA 3.0 |