components/sudo/TESTING
changeset 5497 862a4276da0f
parent 1830 93243cb310c5
child 7301 0853d00f0cd4
child 7409 f574f35f5142
--- a/components/sudo/TESTING	Wed Feb 24 22:20:45 2016 -0800
+++ b/components/sudo/TESTING	Mon Feb 15 08:11:32 2016 -0800
@@ -12,6 +12,9 @@
 
 # Test digest feature
 
+# Make sure that the following line is commented out in /etc/sudoers:
+# ALL    ALL=(ALL) NOPASSWD: ALL
+
 openssl dgst -sha224 /usr/bin/ls # make note of the hash
 
 # Add this line to sudoers (replace UID by your user ID and HASH by the ls
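Review bot: The added precondition on the `ALL    ALL=(ALL) NOPASSWD: ALL` line does not say why it matters or how to confirm it. Because sudoers applies the last matching entry, a blanket rule placed after the digest-restricted one would presumably let the command run even when the hash does not match, so the negative case would never be exercised. I would extend the comment with something like `# (otherwise this rule matches every command and the digest check is bypassed; confirm with "sudo -l")`. The rest of the digest test lies outside this hunk, so the ordering of the two rules could not be checked here.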
@@ -118,3 +121,31 @@
 > 11282    syscall                                                 brk entry
 > 11550    syscall                                            brandsys entry
 > 11642    syscall                                                bind entry
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+# Test noexec
+
+# Verify the following works
+
+$ sudo /usr/perl5/5.12/bin/perl -e 'print "before\n"; system("id -a"); print "after\n"'
+before
+uid=0(root) gid=0(root) groups=0(root),1(other),2(bin),3(sys),4(adm),6(mail),7(tty),8(lp),12(daemon)
+after
+
+# Add the following to sudoers
+
+ALL     ALL = NOPASSWD: NOEXEC: /usr/perl5/5.12/bin/perl
+
+# Now Perl should be prevent to run further commands, so the output is
+
+$ sudo /usr/perl5/5.12/bin/perl -e 'print "before\n"; system("id -a"); print "after\n"'
+before
+after
+
+# Perl itself works as expected
+
+$ /usr/perl5/5.12/bin/perl -e 'print "before\n"; system("id -a"); print "after\n"'
+before
+uid=101(rimmer) gid=10(staff) groups=10(staff)
+after
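Review bot: The noexec test has no cleanup step, so `ALL     ALL = NOPASSWD: NOEXEC: /usr/perl5/5.12/bin/perl` stays in sudoers and gives every user a passwordless root Perl interpreter. NOEXEC only stops the interpreter from executing further programs; it does not restrict what Perl itself can read or write as root. I would scope the rule to the test user rather than `ALL` and end the section with `# Remove the NOEXEC line from sudoers again after the test`. The test also covers only `system()`, so a comment saying that this is a smoke test of the exec path, not proof of confinement, would set expectations. The wording `should be prevent to run` should read `should be prevented from running`.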