Methinks anyone using sudo to allow non-root-users to execute specific
scripts without giving them full root perms is relying on security by
obscurity at this point. (Ditto for setuid Python scripts BTW.)
--Guido
On 1/10/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> Got this from a Google
Got this from a Google alert overnight. It's not really a Python problem
(it's a sudo problem), but it's probably not a bad idea to understand the
implications.
>> SUDO Python Environment Cleaning Privilege Escalation ...
>> Secunia - UK
>> ... This can be exploited by a user with su
