『Linux 』su 与sudo

    今天在看arp，TCP劫持时，要修改ip_forward，但是在执行时发现：

border@ubuntu :~$ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
bash: /proc/sys/net/ipv4/ip_forward: Permission denied

但是通过 su切换到root就没有问题。

border@ubuntu:~$ su
Password:
root@ubuntu:/home/border# sudo echo 1 > /proc/sys/net/ipv4/ip_forward
root@ubuntu:/home/border# cat /proc/sys/net/ipv4/ip_forward
1
root@ubuntu:/home/border#

    比较疑惑，就查了查资料：
      在这里也发现了同样的问题，刚开始Marc以为是shell内置函数的问题，但是在评论的Jan否认了这个，并给了个例子：

sudo /bin/echo 1 > /root/test

doesn't work either while

sudo sh -c "/bin/echo 1 > /root/test"

      Jan认为是在重定向前有root的权限，但是在重定后就没有root的权限，所以出错。（感觉自己写的好绕）

源文：

I think the problem is not that echo is a shell builtin but rather that the file you're trying to redirect to is being opend by the shell before the sudo is executed and therefore the command fails because user "marc" doesn't have write permissions on the file.

sudo /bin/echo 1 > /root/test

doesn't work either while

sudo sh -c "/bin/echo 1 > /root/test"

does as you have already noted.

参考： http://marc.abramowitz.info/archives/2006/05/17/su-su-sudo-oh-no/
        http://www.worldofvishnu.com/tech/hack-the-computers-in-your-lan/

--
Blog:    www.borderj.cn
MSN:   borderj@live.com

  Border