sudo security flaw

Started by dhouston, October 14, 2019, 08:07:16 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

dhouston

October 14, 2019, 08:07:16 PM
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

bkenobi

#1
October 15, 2019, 11:20:13 AM
I have not tried this on my own systems and any sudo request is logged at work so I'm not going to try it there.  But, I find it hard to believe that this bug could have lived potentially close to 40 years (developed in the 1980's originally).

Tuicemen

#2
October 16, 2019, 08:48:43 AM
As the artical states
Quoteany attacker will need to have command line control over your system before they can even consider exploiting the flaw -- at that point, you probably have larger problems
With command line access having additional restrictions isn't going to stop a hacker from screwing with your setup if they wish to do so.
Please Read Topic:
General Forum Etiquette
Before you post!

petera

#3
October 16, 2019, 11:37:13 AM
Storm in a teacup. Headline grabber really. Matter has already been resolved and really only related to non standard Linux installs. Having full understanding of Linux hierarchy and file structures helps to avoid a situation like this and updating your distribution regularly tends to help too.

https://www.google.ie/amp/s/www.theregister.co.uk/AMP/2019/10/14/linux_sudo_security_bug/
Print
Go Up Pages1
User actions