Y
Hacker News
new
|
ask
|
show
|
jobs
by
quench
1082 days ago
most of the shell exploits are prevented by including NOEXEC: in the sudo permissions. IDK why this is not the default.
This prevents the sudoed command from running any other commands
2 comments
themerone
1082 days ago
This would break most package managers and many other system tools.
link
PeterisP
1082 days ago
For me, I quite often use sudo to run scripts that install or reconfigure something, and they obviously do need to execute other commands.
link