Bug 547

Summary: RFE: StrictMode for sudo
Product: Sudo Reporter: Tong <biltong>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: NEW ---    
Severity: enhancement    
Priority: low    
Version: 1.8.4   
Hardware: PC   
OS: Linux   

Description Tong 2012-03-13 05:33:09 MDT 
Providing root access via sudo to a script provides an opportunity for exploit: if the directory, or any of the parent directories where the script resides is writeable by a non-root user, there is the opportunity for the script to be replaced with something that gives the non-root user shell access.

Would it be possible for sudo to add a StrictMode (similar to what ssh has for ~/.ssh) to warn about this?