A simple LD_PRELOAD command can cause your shell to run "rm -rf /" when you type "/sudo".
replyIf your unprivileged user is compromised, you are pretty hosed.
It should be a way to make system env vars (profile.d or simlar) as readonly so every users' shell had these set to empty values and unable to change them.
replyAnything that can be modified by an attacker can not be used to secure the sudo command. This is a recursive requirementor hierarchy for secure systems.
replyYou can set the permissions so that the attacker can't modify it?
reply