Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Bug is sudo?

From: rhodie () NAC NET (Rhodie)
Date: Fri, 26 Jun 1998 03:25:56 +0300

I was messing arround with sudo when i found out that you can check to see
if there is a file that can be exec'd by root, even if you don't have the
privlages. IE: You can check to see if there is a program, in the root
path, that you can't see (maybe can and its just easyer to do it this
way).
The normal way to use sudo is 'sudo command' and it asks you for your
password, you put it in and it exec's as root, you get it wrong and it
doesnt.... Try sudo <command that doesnt exist>, it says:
sudo.bin: fdsa: command not found
So? you say, well, you can check to see if there is something to play with
that root has hidden....

Take a look at these:

(rhodie@is-so) [~]$ sudo fdsa
sudo.bin: fdsa: command not found
(rhodie@is-so) [~]$ sudo id
Password:

Heh, isn't that purty?

-------------------------------
Get your own rhoide too! Coming soon to stores!
---===***)))The other barefoot wanna-be-programer(((***===---
Find me on almost any major network (exept for efnet, because they suck)
and visit technonet! Dark.TechnoNet.Net 6667
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: