Please login or register.

Login with username, password and session length

Author Topic: sudo security flaw  (Read 4579 times)

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

bkenobi

  • PI Expert
  • Hero Member
  • ******
  • Helpful Post Rating: 24
  • Posts: 2082
Re: sudo security flaw
« Reply #1 on: October 15, 2019, 11:20:13 AM »

I have not tried this on my own systems and any sudo request is logged at work so I'm not going to try it there.  But, I find it hard to believe that this bug could have lived potentially close to 40 years (developed in the 1980's originally).

Tuicemen

  • Administrator
  • Hero Member
  • ****
  • Helpful Post Rating: 283
  • Posts: 10523
  • I don't work for X10, I use it successfuly!
Re: sudo security flaw
« Reply #2 on: October 16, 2019, 08:48:43 AM »

As the artical states
Quote
any attacker will need to have command line control over your system before they can even consider exploiting the flaw -- at that point, you probably have larger problems

With command line access having additional restrictions isn't going to stop a hacker from screwing with your setup if they wish to do so.
Logged
Please Read Topic:
General Forum Etiquette
Before you post!

petera

  • PI Expert
  • Hero Member
  • ******
  • Helpful Post Rating: 27
  • Posts: 1751
Re: sudo security flaw
« Reply #3 on: October 16, 2019, 11:37:13 AM »

Storm in a teacup. Headline grabber really. Matter has already been resolved and really only related to non standard Linux installs. Having full understanding of Linux hierarchy and file structures helps to avoid a situation like this and updating your distribution regularly tends to help too.

https://www.google.ie/amp/s/www.theregister.co.uk/AMP/2019/10/14/linux_sudo_security_bug/
Logged
 

X10.com | About X10 | X10 Security Systems | Cameras| Package Deals
© Copyright 2014-2016 X10.com All rights reserved.