Mastering Linux Security and Hardening
上QQ阅读APP看书,第一时间看更新

View your sudo privileges

Are you unsure of what sudo privileges that you possess? Not to worry, you have a way to find out. Just run this command:

sudo -l

When I do this for myself, I first see some of the environmental variables for my account, and then I see that I have full sudo privileges:

donnie@packtpub1:~$ sudo -l
[sudo] password for donnie:
Matching Defaults entries for donnie on packtpub1:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User donnie may run the following commands on packtpub1:
(ALL : ALL) ALL
donnie@packtpub1:~$

When Frank, my formerly feral flamepoint Siamese cat, does this for his account, he sees that he can only do the fdisk -l command:

frank@packtpub1:~$ sudo -l
[sudo] password for frank:
Matching Defaults entries for frank on packtpub1:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User frank may run the following commands on packtpub1:
(ALL) /sbin fdisk -l
frank@packtpub1:~$

But since he's a cat, he doesn't complain. Instead, he'll just try to do something sneaky, as we'll see in just a bit.