Potential Hack in sudo?
derek at burdick.cc
Mon Apr 16 11:09:27 MDT 2007
> touch ~/.sudo_as_admin_successful
> sudo /bin/bash
> su root
> passwd "mynewpassword"
> And it worked!
.sudo_as_admin_successful just suppresses the sudo help:
sudo /bin/bash made you root
su root is redundant
passwd changed the password of the root user since you are root from the
Seems like everything is working as it is supposed to. sudo is
configured on your machine to not require a password.
More information about the PLUG