-
-
Notifications
You must be signed in to change notification settings - Fork 210
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
-s option command string manipulation #78
Comments
sudo doesn't take the entire argument as a single string. What you're doing is the equivalent of this:
As far as sudo can tell, maybe you really do want to call a program called "whoami; whoami"? bash interprets the quotes, so all sudo will see is the literal value |
@noproto @millert Would you consider a PR that I might make to change this behavior so that sudo does not add any additional quote wrapping to the command string? I imagine that way the user could decide themselves if they'd like the shell call to be EDIT: After looking at the code and running in debug mode I'm beginning to understand this a bit better now. It seems this comment is mostly nonsense. Please ignore :-) |
I've looked at the code for this a bit. Lines 625 to 627 in 888f63a
Are the space and the How is this list of non escaped "potential meta characters" chosen? Why is it only the nonalphanums |
Seems to be solved by #86 but I'd love to better understand why the escaping was going on in the first place to figure out if just removing it is the right thing to do! |
The manpage for the -s option says:
So if my SHELL is bash, I expect
$ sudo -s "whoami; whoami"
to be the same as runningbash -c "whoami; whoami"
as the root user. But that doesn't work:Of course
works fine.
Could my sudo be misconfigured or compiled with a missing/incorrect option for this to work correctly?
Or is this a bug in sudo or its man page?
Or is it a bug in my understanding?
I'm using Sudo version 1.9.4p2 via Arch Linux.
The text was updated successfully, but these errors were encountered: