Sudo and Globbing

The question is how we can use the sudo utility to display a list of files in a directory to which we have absolutely no Unix filesystem privileges Consider the following directory and files contained therein: $ ls -l total 4 drwxrwx—. 2 root root 4096 May 22 21:14 demo $ su Password: XXXXXXXX # ls -l demo total 0 -rw-r–r–. 1 root root 0 May 22 21:14 file1 -rw-r–r–. 1 root root 0 May 22 21:14 file2 -rw-r–r–. 1 root root 0 May 22 21:14 file3 # exit exit Note the directory permissions are 770 and the user and

Blocking Specific Commands and Utilities in Sudo

Sudo is a mechanism that enables a system administrator to give regular users permission to execute certain commands that they would normally not be allowed to use. Which user can do what is defined by the contents of /etc/sudoers. Typically you should use visudo to edit this file. So how do you prevent a user from using sudo to run specific commands in a subdirectory like /usr/bin but allow the user to run other commands in that same directory? Here is one way of doing it: # list of commands alice may not run Cmnd_Alias BANNED = /usr/bin/su, /usr/bin/ksh, usr/bin/zsh