Potential Hack in sudo?

Steve smorrey at gmail.com
Sun Apr 15 00:28:14 MDT 2007


I don't know, I'ld have to look.
The box is running an emerge -ud --world at the moment, but as soon as
it's free I'll check it out and get back with you.
Eitherway I was surprised it worked.

On 4/15/07, Gabriel Gunderson <gabe at gundy.org> wrote:
> On Sat, 2007-04-14 at 23:35 -0600, Steve wrote:
> > Finally out of desperation I tried this,
> >
> > touch ~/.sudo_as_admin_successful
> > sudo /bin/bash
> > su root
> > passwd "mynewpassword"
>
> Are you sure you didn't just have something like: "%somegroup
> ALL=NOPASSWD: ALL" in the sudoers file and the user also happened to be
> in "somegroup"?
>
> This will do anything with sudo and *not* prompt for a password.  In
> which case, one could simply do a `passwd root` and set/change root's
> password as long as they were in the "somegroup".
>
> Gabe
>
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list