sudo-check

May 21, 2024 · 1 min read
project

sudo-check is a lightweight security auditing utility designed to analyze Linux /etc/sudoers files and /etc/sudoers.d/ directories. It helps security engineers and system administrators quickly identify misconfigurations, overly permissive rules, and potential privilege escalation pathways.

By scanning for common policy weaknesses, this tool provides actionable insights to tighten system access controls.

Key Auditing Features

  • Rule Analysis: Identifies NOPASSWD directives and wildcard user specifications that could allow unauthorized root access.
  • Directive Validation: Verifies the presence of key security directives such as env_reset, secure_path, and use_pty.
  • Permission Checks: Validates the file permissions and ownership of critical configuration files to prevent unauthorized editing.
  • Alias Resolution: Parsers user, run-as, and command aliases to audit complex, nested rule structures.
Florian Stosse
Authors
Cybersecurity engineer
Cybersecurity engineer at the European Space Agency, specializing in space systems security, embedded platform hardening, and software security defenses.