Hacker News new | ask | show | jobs
by throwaway7356 40 days ago
Yeah, works well:

$ /usr/bin/sudo() { echo Not the real sudo.; }

$ /usr/bin/sudo

Not the real sudo.

And every other suggestion also doesn't work if the attacker can just replace the shell.
1 comments
anthk 40 days ago
/usr/bin/sudo isn't evaluated as a function under ksh.
link
nightpool 40 days ago
> And every other suggestion also doesn't work if the attacker can just replace the shell.
link
anthk 40 days ago
With what? rc? My only shells are sh, ksh and rc there.
link