Vulnerabilities in sudo closed
Reposted by ilovecto. Blog category: linux news
Several Linux distributors have released updated sudo
packages to fix two vulnerabilities that allow users with limited access
rights to escalate their privileges. The sudo (super user do) command
is intended to allow users to execute certain commands at another user's
privilege level - usually root. The contents of the /etc/sudoers
file determine whether or not a user is authorised to execute a
command at a higher privilege level (by preceding the command with sudo)
without further authentication. This allows administrators to give
other users the rights required to handle certain management tasks
without giving them overall root access.
The tasks can, for instance, include managing a file; for this
purpose, sudo offers added functions called pseudo commands such as sudoedit
for file editing. However, this function can reportedly be exploited by
attackers to execute an identically named file in the home directory
(and other directories) of the user who has root access – and this file
can, in turn, contain arbitrary commands.
Further implementation flaws are contained in the runas_default
option, which potentially also grants root access. Administrators can
set the user context for command execution to that of another user
rather than root in /etc/sudoers. This is intended to save
users having to add the (sudo) -u username option to their
command. However, the programming flaw causes sudo to set the
group privileges not for the stated user, but to root instead.
The flaw is inconsequential in standard installations because
runas_default isn't usually enabled there. The official version of sudo
is also unaffected. The updated version, 1.7.2p4, fixes the flaw in
sudoedit. The stable version has since been updated to version 1.7.2p5 (direct
download) to fix two other bugs.
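
An added example, not part of the original article or of sudo itself: a Python check that scans sudoers text for the two settings discussed above, a non-root runas_default and sudoedit grants on a release older than 1.7.2p4. The function names and the sample policy are constructed for illustration, and reporting runas_default regardless of version is an assumption, since the article names no fixed release for that flaw.

```python
import re

SUDOEDIT_FIXED = (1, 7, 2, 4)  # 1.7.2p4, named in the article as the sudoedit fix

def parse_version(text):
    """'Sudo version 1.7.2p4' -> (1, 7, 2, 4); missing parts count as 0."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?", text)
    if not m:
        raise ValueError("no sudo version found in %r" % text)
    return tuple(int(g or 0) for g in m.groups())

def logical_lines(text):
    """Yield (first_line_no, content): comments dropped, '\\' continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        # '#' opens a comment unless it is a '#uid' or an '#include' directive
        line = re.sub(r"#(?!\d|include).*", "", raw).rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield start, buf.strip()
        buf, start = "", None

def audit(sudoers_text, version_text):
    """Return [(line_no, kind, detail)] for the two settings the article discusses."""
    old = parse_version(version_text) < SUDOEDIT_FIXED
    findings = []
    for no, line in logical_lines(sudoers_text):
        if line.startswith("Defaults"):
            m = re.search(r'\brunas_default\s*=\s*"?([^",\s]+)', line)
            # Assumption: reported for every version; the page names no fixed release
            if m and m.group(1) != "root":
                findings.append((no, "runas_default", m.group(1)))
        elif old and re.search(r"\bsudoedit\b", line):
            findings.append((no, "sudoedit", line))
    return findings

# Constructed sample policy, not taken from any real host
SAMPLE = """\
# constructed example
Defaults env_reset, runas_default=www   # run as www unless -u is given
%ops   ALL = (root) /usr/sbin/service
alice  ALL = (root) sudoedit /etc/hosts, \\
               /usr/bin/less /var/log/messages
"""
```

Calling `audit(SAMPLE, "Sudo version 1.7.2p3")` reports the runas_default line and the sudoedit rule; with a 1.7.2p5 version string only the runas_default line remains.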