SUDO_ASKPASS Specifies the path to a helper program used to read the password if no terminal is available or if the -A option is specified. This shows the current user can use all commands as sudo. We can use the -k option with sudo to kill the current sudo authentication: $ sudo -k This will allow you to run a command like: echo myPassword | sudo -S ls /tmp Here is the man entry:-S The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device. If a command is specified, it is passed to the shell for execution via the shell's -c option. For each key press, an asterisk is printed. SUDO_COMMAND Set to the command run by sudo, including command line arguments. Sudo’s pwfeedback option can be used to provide visual feedback when the user is inputting their password. Release Date: June 2, 2010 Summary: Sudo "secure path" feature works by replacing the PATH environment variable with a value specified in the sudoers file, or at compile time if the --with-secure-path configure option is used. -S The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device.-s The -s (shell) option runs the shell specified by the SHELL environment variable if it is set or the shell as specified in passwd(5).-u The -u (user) option causes sudo to run the specified command as a user other than root.To specify a uid instead of a username, use #uid. From sudo(8):-s [command] The -s (shell) option runs the shell specified by the SHELL environment variable if it is set or the shell as specified in passwd(5). -v: If, given the -v (validate) option, sudo will update the user’s timestamp, prompting for the user’s password if necessary. SHELL Used to determine shell to run with -s option. sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. Sudo's secure path option can be circumvented. The -s option is specifically there to spawn a shell. version 1.8.0 when a new simple debugging option was added. -h or –help: The -h (help) option causes sudo to print a usage message and exit. The manpage for the -s option says:-s, --shell Run the shell specified by the SHELL environment variable if it is set or the shell specified by the invoking user's password database entry. Or we can use sudo to restart the system immediately: $ sudo shutdown -r now. -K option is similar to -k, but this will totally … PATH May be overridden by the security policy. This means that, for example, in the new shell that sudo -s runs, executing the whoami command will still return your username, and not 'root'. Let’s now see a few examples using the sudo command.. We can change the password of the user “sammy“: $ sudo passwd sammy. $ sudo /sbin/service httpd restart [sudo] password for john: Note: John can also use -K (which is sure kill). I don't think it's possible to use -s without spawning a root shell (assuming you need root privileges). What's worth keeping in mind here is that the -s command line option gives you a shell with root privileges, but you don't get the root environment - it's your .bashrc that gets sourced. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key presses. Once the sudo credential cache is cleared, when john tries to execute the sudo command again, it will ask for his password. 4. For sudo there is a -S option for accepting the password from standard input. 3. A number of well-known techniques exist for exploiting the format string vulnerability that would, in turn, allow an attacker to leverage sudo's root privileges and, without even being listed in the sudoers file, gain that privilege and run arbitrary commands as root. The invoking user's real (not effective) user ID is used to determine the user name with which to query the security policy. sudo supports a plugin architecture for security policies and input/output logging. That's what -s means.