Mu zothandiza
Ngati ma sudoers ali ovomerezeka, koma osowa kwambiri, malamulo omwe amalola kuchitidwa kwa lamulo linalake pansi pa UID wa wogwiritsa ntchito wina aliyense kupatula muzu, wowukira yemwe ali ndi ulamuliro wotsatira lamuloli akhoza kudumpha malire omwe akhazikitsidwa ndikuchita lamulo ndi ufulu wa mizu. Kuti mulambalale malire, ingoyesani kuchita lamulo lomwe lafotokozedwa muzokonda ndi UID "-1" kapena "4294967295", zomwe zidzatsogolera ku kuphedwa kwake ndi UID 0.
Mwachitsanzo, ngati pali lamulo m'makonzedwe omwe amapatsa wogwiritsa ntchito ufulu wochita /usr/bin/id pansi pa UID iliyonse:
myhost ONSE = (Zonse, !root) /usr/bin/id
kapena njira yomwe imalola kuphedwa kokha kwa wosuta wina:
myhost bob = (Zonse, !root) /usr/bin/id
Wogwiritsa ntchito atha kupanga "sudo -u '#-1' id" ndipo /usr/bin/id zofunikira zidzakhazikitsidwa ngati muzu, ngakhale zitaletsedwa mwatsatanetsatane. Vutoli limayamba chifukwa chonyalanyaza zinthu zapadera "-1" kapena "4294967295", zomwe sizimayambitsa kusintha kwa UID, koma popeza sudo yokha ikugwira ntchito kale ngati muzu, osasintha UID, lamulo lachindunji lilinso. idayambitsidwa ndi ufulu wa mizu.
Mu magawo a SUSE ndi openSUSE, osatchula "NOPASSWD" mu lamuloli, pali chiwopsezo.
myhost ONSE = (Zonse, !root) NOPASSWD: /usr/bin/id
Nkhani yokhazikika pakumasulidwa
Source: opennet.ru