Bugtraq mailing list archives
Re: sudoedit local privilege escalation through PATH manipulation
From: Agazzini Maurizio <inode () mediaservice net>
Date: Thu, 22 Apr 2010 10:04:09 +0200
On 20/04/2010 8.42, Ansgar Wiechers wrote:
Perhaps I'm missing something, but how is this a security flaw? A user who is allowed to run "sudoedit" can edit /etc/sudoers, and thus allow himself to run any command anyway. Regards Ansgar Wiechers
In the configuration file (sudoers) you can specify the file that the user is allowed to edit (http://www.gratisoft.us/sudo/man/sudoers.html). The bug allow you to bypass these controls and gain root privileges. Best regards, Maurizio -- Maurizio Agazzini CISSP, OPST Senior Security Advisor Team Manager @ Mediaservice.net Srl Tel: +39-011-32.72.100 Via San Bernardino, 17 Fax: +39-011-32.46.497 10141 Torino - ITALY http://mediaservice.net/
Current thread:
- sudoedit local privilege escalation through PATH manipulation Agazzini Maurizio (Apr 19)
- Re: sudoedit local privilege escalation through PATH manipulation Ansgar Wiechers (Apr 20)
- Re: sudoedit local privilege escalation through PATH manipulation Agazzini Maurizio (Apr 22)
- Re: sudoedit local privilege escalation through PATH manipulation Ansgar Wiechers (Apr 20)