
Chapter 9. Want to Be root?

Vulnerabilities of sudo

Do not think of sudo as a panacea for limiting root access. It is unfortunately fairly simple to extend the privileges granted by sudo. Suppose that you set up the user paul in the /etc/sudoers file so that he can execute any command as root except for all of the shells (/bin/bash, /bin/ash, /bin/ksh, etc.). Now all the user paul has to do is use vi to edit any file and then execute :shell to break out into a root shell and circumvent the limitation. He might also decide to copy one of the shells to another location—/tmp/bash for example—and then execute sudo /tmp/bash, which would not be restricted. The moral of this story is to be very careful about whom you grant permissions to; grant them only the commands which they absolutely need. Even then, it is possible that a way will be found to circumvent the limitations imposed by sudo.

Also, be careful about using groups and netgroups in the /etc/sudoers file. If a bad guy finds a way to get included in a privileged group or netgroup, then it may be a simple matter to exploit full root privileges from there. For this reason, it is recommended that all users in /etc/sudoers be enumerated, as in Example 9-12 on page 185.
