View list of sudoers with no sudo privileges
No, you're unable to find out who has access to sudo rights if you yourself do not have access directly. You could possibly "back into it" by seeing what users, if any, are members of the Unix group "wheel".
Example
This shows that user "saml" is a member of the wheel group.
$ getent group wheel
wheel:x:10:saml
Being a member of the "wheel" group typically allows for full sudo rights through this rule that's often in a system's sudoers file, /etc/sudoers.
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
But there are no guarantees that the administrator of a given system decided to give sudo rights out in this manner. They just as easily could've done it like so:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
saml ALL=(ALL) ALL
In which case, without sudo rights you could never gain access to a system's /etc/sudoers file to see this entry.
What about /etc/groups
This file only shows users who have a 2nd, 3rd, etc. group associated with them. Often times user accounts only have a single group associated, in which case you'd need to use a slightly different command to find out a given user's primary group:
$ getent passwd saml
saml:x:1000:1000:saml:/home/saml:/bin/bash
Here user "saml" has the primary group 1000. This GID equates to this group:
$ getent group 1000
saml:x:1000:saml
But none of this actually tells you anything as to which user accounts have sudo rights.
Why the big secret?
This is all done to prevent what's known as a side channel attack. Leaking information out, such as which accounts have privileges, would give important information out to a would-be attacker, if they were able to gain access to any account on a given system. So oftentimes it's best to mask this info from any non-privileged account.
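The primary-group point above, as an added example that is not part of the original answer: an administrator reviewing who would be matched by a `%wheel` rule needs both the supplementary members from the group entry and the accounts whose primary GID is that group. The function names `list_group_members` and `demo` and the account `alice` are constructed for illustration; the other sample entries are the ones shown in the answer.

```shell
#!/bin/sh
# list_group_members GROUP [GROUP_FILE PASSWD_FILE]
# Prints every account that belongs to GROUP, sorted and de-duplicated:
#   - supplementary members (4th field of the group entry), and
#   - accounts whose primary GID (4th field of the passwd entry) is GROUP's GID.
# Without the two file arguments the data comes from getent, so NSS sources are included.
# It says nothing about per-user entries in /etc/sudoers, which stay unreadable without privileges.
list_group_members() {
    grp=$1
    if [ $# -ge 3 ]; then
        grp_db=$(cat "$2"); pw_db=$(cat "$3")
    else
        grp_db=$(getent group); pw_db=$(getent passwd)
    fi
    # Group records are fed first so the GID is known before passwd records are read.
    printf '%s\n---\n%s\n' "$grp_db" "$pw_db" | awk -F: -v g="$grp" '
        $0 == "---" { in_passwd = 1; next }
        !in_passwd && $1 == g {
            gid = $3
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
            next
        }
        in_passwd && gid != "" && $4 == gid { print $1 }
    ' | sort -u
}

# Constructed sample databases: "alice" has wheel (GID 10) as her primary group,
# so she does not appear in the member list of the wheel group entry.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/group" <<'EOF'
wheel:x:10:saml
saml:x:1000:saml
EOF
    cat > "$tmp/passwd" <<'EOF'
saml:x:1000:1000:saml:/home/saml:/bin/bash
alice:x:1001:10:alice:/home/alice:/bin/bash
EOF
    list_group_members "${1:-wheel}" "$tmp/group" "$tmp/passwd"
    rm -rf "$tmp"
}

demo    # lists alice and saml, although the wheel group entry names only saml
```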
rakesh
Updated on September 18, 2022
Comments
- rakesh over 1 year
  - If I'm not a sudoer, is it possible to view the list of sudoers?
  - Does /etc/group show this information?
- Jakob Bennemann almost 10 years
  Well, if a user is in the wheel group, that is often a give-away, but it's not guaranteed. I do not believe /etc/group contains any information specific to the sudoers.