I want sudo to allow me to run a command when my current working directory is, for example, /tmp. Example usage is removing files from /tmp directory, so I am in /tmp ($PWD of shell == /tmp), then I can run, rm -v someuseless.bin (someuseless.bin of course not belongs to me, so I can't remove it).
If it is impossible (I can't find references in sudo manuals), then why? Maybe there is a security violation that I did not spotted here. Thanks.
Way to allow command in sudo based on the current working directory
sudo
Related Topic
- Set working directory of a command run via sudo
- debian – Allow Complex Sudo Command on Debian Linux
- Bash – Symbolic link and sudo
- Ansible Fails to Authenticate Sudo Even When Sudo Pass is Given
- Ssh – Ansible SSH as one user and Sudo as another
- Running service with systemd as default user via ansible in ec2 (requests password)
Best Answer
You can definitely embed the
$cwdin sudoers, to allow someone only to remove a file under a particular directory, but you're going the wrong way about it. The way to do what you want is to use absolute paths insudoers, eg