Originally Posted by niresh2012
Thanks for your reply, I do understand the security concern, but our user presisting to find a way to run sudo from the subdirectories,
Is there any way to accomplish that without compromising security.
Well, if somehow a piece of malware was copied/installed on your system in the sub directory you pick, anyone on the system could run it without a password. You are essentially removing user/group permissions from your system for every file/binary installed to that directory.
I don't see why you cannot just enter the full path for each application you wish to run into the sudoers file. That is how sudo was intended to be used. If it's a production environment, I personally wouldn't be allowing every user on the system passwordless access to any file/binary in a directory. It is essentially giving root access to every user on the system to all files in that directory.
To hack your system all an attacker would need to do is replace/add malware to that directory and run....
~# sudo /path/to/sudo/dir/uber-malware
...your system is now compromised with a backdoor, rootkit, take-your-pick malware.
The only thing preventing such a compromise would be if the directory had the right file permissions to prevent unprivileged users from writing files to that directory. Still though, nothing is preventing unprivileged users from causing damage to the system with the already installed binaries because they have full access to the system.