Bugtraq mailing list archives
Re: Re: Todd Miller Sudo local root exploit discovered by Slouching
From: noone () nothing com
Date: 4 Mar 2010 16:11:41 -0000
I believe what andy was alluding to was, why post on bugtraq with a subject Sudo local exploit discovered. Its not a sudo local root exploit, its an exploit in a misconfigured sudo file. You can post it as a new exploit technique for a misconfiguration, and i'm sure all the vuln and pen guys would be happy. In my opinion, its a good technique to check for and i will use it in my arsenal of things to look for in terms of admin misconfigs but since its not in the default config on sudo, you'd have to e an idiot to not fully path out a commnd you are giving root access for... Anyway think about how you phrase things next time.
Current thread:
- Todd Miller Sudo local root exploit discovered by Slouching Kingcope (Mar 02)
- Re: Todd Miller Sudo local root exploit discovered by Slouching andy (Mar 03)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Kingcope (Mar 03)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Jann Horn (Mar 03)
- <Possible follow-ups>
- Re: Re: Todd Miller Sudo local root exploit discovered by Slouching noone (Mar 04)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Steve Shockley (Mar 05)
- Re: Todd Miller Sudo local root exploit discovered by Slouching andy (Mar 03)