Potential Hack in sudo?

blr at robertsr.us blr at robertsr.us
Sun Apr 15 00:22:35 MDT 2007

> You know I didn't put that much thought into it, but I think I guess
> it counts as a semi-vulnerability for any OS that has a sudo'rs group.
> It's also not ubuntu, it's just an old gentoo box, I dragged out of the
> garage.
> AFAIK ubuntu has no root account, so the "hack" would be essentially
> pointless.

Last time I used it, it had a root user, but login was disabled.

> This isn't really supposed to be a vulnerability report, I'm just
> posting a quick FYI on how I just rooted my own box, in case anyone
> else ever runs into a similar need :)
> Anyways try it on your own box and see if it works.

I believe any distro that has sudo and a user in the sudoers file with ALL
access, you can just:

sudo su -

or even:

sudo -s

and then you're logged in as root and you can run passwd, etc.

And I think it's pretty common on distro's like Ubuntu and Knoppix where
you can't login as root to do that to get a root shell.

More information about the PLUG mailing list