View list of sudoers with no sudo privileges
Clash Royale CLAN TAG#URR8PPP
up vote
4
down vote
favorite
- If I'm not a sudoer, is it possible to view the list of sudoers?
- Does
/etc/group
show this information?
permissions sudo group
add a comment |Â
up vote
4
down vote
favorite
- If I'm not a sudoer, is it possible to view the list of sudoers?
- Does
/etc/group
show this information?
permissions sudo group
1
Well, if a user is in thewheel
group, that is often a give-away, but it's not guaranteed. I do not believe/etc/group
contains any information specific to the sudoers.
â HalosGhost
Jul 6 '14 at 5:17
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38
add a comment |Â
up vote
4
down vote
favorite
up vote
4
down vote
favorite
- If I'm not a sudoer, is it possible to view the list of sudoers?
- Does
/etc/group
show this information?
permissions sudo group
- If I'm not a sudoer, is it possible to view the list of sudoers?
- Does
/etc/group
show this information?
permissions sudo group
permissions sudo group
edited Aug 29 at 10:43
Jeff Schaller
32.7k849110
32.7k849110
asked Jul 6 '14 at 4:46
boxofchalk1
78128
78128
1
Well, if a user is in thewheel
group, that is often a give-away, but it's not guaranteed. I do not believe/etc/group
contains any information specific to the sudoers.
â HalosGhost
Jul 6 '14 at 5:17
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38
add a comment |Â
1
Well, if a user is in thewheel
group, that is often a give-away, but it's not guaranteed. I do not believe/etc/group
contains any information specific to the sudoers.
â HalosGhost
Jul 6 '14 at 5:17
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38
1
1
Well, if a user is in the
wheel
group, that is often a give-away, but it's not guaranteed. I do not believe /etc/group
contains any information specific to the sudoers.â HalosGhost
Jul 6 '14 at 5:17
Well, if a user is in the
wheel
group, that is often a give-away, but it's not guaranteed. I do not believe /etc/group
contains any information specific to the sudoers.â HalosGhost
Jul 6 '14 at 5:17
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
7
down vote
accepted
No you're unable to find out whom has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users if any are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a systems sudoers file, /etc/sudoers
.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo
rights out in this manner. The just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo
rights you could never gain access to a system's /etc/sudoers
file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo
rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would be attacker, if they were able to gain access to any account on a given system. So often times it's best to mask this info from any non-privileged account.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
7
down vote
accepted
No you're unable to find out whom has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users if any are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a systems sudoers file, /etc/sudoers
.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo
rights out in this manner. The just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo
rights you could never gain access to a system's /etc/sudoers
file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo
rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would be attacker, if they were able to gain access to any account on a given system. So often times it's best to mask this info from any non-privileged account.
add a comment |Â
up vote
7
down vote
accepted
No you're unable to find out whom has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users if any are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a systems sudoers file, /etc/sudoers
.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo
rights out in this manner. The just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo
rights you could never gain access to a system's /etc/sudoers
file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo
rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would be attacker, if they were able to gain access to any account on a given system. So often times it's best to mask this info from any non-privileged account.
add a comment |Â
up vote
7
down vote
accepted
up vote
7
down vote
accepted
No you're unable to find out whom has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users if any are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a systems sudoers file, /etc/sudoers
.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo
rights out in this manner. The just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo
rights you could never gain access to a system's /etc/sudoers
file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo
rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would be attacker, if they were able to gain access to any account on a given system. So often times it's best to mask this info from any non-privileged account.
No you're unable to find out whom has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users if any are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a systems sudoers file, /etc/sudoers
.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo
rights out in this manner. The just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo
rights you could never gain access to a system's /etc/sudoers
file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo
rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would be attacker, if they were able to gain access to any account on a given system. So often times it's best to mask this info from any non-privileged account.
answered Jul 6 '14 at 6:04
slmâ¦
239k65494665
239k65494665
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f140968%2fview-list-of-sudoers-with-no-sudo-privileges%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Well, if a user is in the
wheel
group, that is often a give-away, but it's not guaranteed. I do not believe/etc/group
contains any information specific to the sudoers.â HalosGhost
Jul 6 '14 at 5:17
The sudoers information is in neither /etc/group nor /etc/passwd. It is in /etc/sudoers and /etc/sudoers.d/* but those files are typically readable only by root.
â John1024
Jul 6 '14 at 5:38