u+S WAS: Which one is better solution?

2018-12-16 Thread Geert Stappers
On Sun, Dec 16, 2018 at 08:54:05AM +0100, Elmar Stellnberger wrote:
> On 15.12.18 17:24, Ruslanas Gžibovskis wrote:
> > u+S on a scr
> 
> what is u+S?
 
Probably 'u+S' as in `chmod u+S scr`



Re: Which one is better solution?

2018-12-15 Thread Elmar Stellnberger

what is u+S?

On 15.12.18 17:24, Ruslanas Gžibovskis wrote:

u+S on a scr




Re: Which one is better solution?

2018-12-15 Thread Cindy-Sue Causey
On 12/15/18, Ruslanas Gžibovskis  wrote:
> On Sat, 15 Dec 2018, 12:29 Shea Alterio 
>> As far as I know, pkexec doesn't validate arguments, so it might not be
>> ideal if you are worried about people trying to trick it.
>>
>> On Sat, Dec 15, 2018 at 6:15 AM JungHwan Kang 
>> wrote:
>>
>>> Sometimes, I use a sudo command with -s options for keeping
>>> environment variables for users account(sudoer). I also know -s option
>>> runs the shell specified by the SHELL environment variable. But the
>>> SHELL environment variable can be manipulated by other users having
>>> the same privilege.
>>>
>>> So, I think an adversary is able to abuse the changing SHELL
>>> environment variable for privilege escalation like a video below. (I
>>> assume the adversary owned the permission for executing a shell on a
>>> remote)
>>>
>>> https://youtu.be/JSQjIm7377o (unlisted state)
>>>
>>> I know it is uncertain when the sudo is executed with -s option by
>>> sudoer.
>>>
>>> Anyway, I have thought of the solutions to the issue below.
>>>  - using a pkexec of a Policy kit,
>>>  - disable a ptrace function via kernel.yama.ptrace_scope,
>>> CAP_SYS_PTRACE.
>>>
>>> Could you give some advice and comments?
>>>
> I prefer su or u+S on a script


I've read the above responses and am not quite sure how this fits in
but decided to post anyway. :)

I started using "su" myself in the last year or so. A blip that quickly
left my memory was that I'd seen a hyphen ("-") used at some point but
didn't understand the importance of adding the hyphen as needed
BECAUSE "su" appeared to work just fine WITHOUT the hyphen. :)

A few weeks ago, that very helpful topic came up on Debian-User, but
now I can't find that reference. Via Super User/StackExchange [0], I
*did* find:

"Of noteworthyness: This is particularly useful when su-ing to root as
without using the hyphen to start a new login shell, your $PATH won't
get updated and thus you won't be able to directly call root-only
binaries in /sbin and /usr/sbin "

That important detail about fits what was shared on Debian-User
recently. Am additionally posting because it's not something newcomers
(and even old timers) to that concept encounter very readily out there
in the wild. :)

Cindy :)

[0] https://superuser.com/questions/453988/whats-the-difference-between-su-with-and-without-hyphen

-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with birdseed *



Re: Which one is better solution?

2018-12-15 Thread Ruslanas Gžibovskis
I prefer su or u+S on a script

On Sat, 15 Dec 2018, 12:29 Shea Alterio wrote:
> As far as I know, pkexec doesn't validate arguments, so it might not be
> ideal if you are worried about people trying to trick it.
>
> On Sat, Dec 15, 2018 at 6:15 AM JungHwan Kang  wrote:
>
>> Sometimes, I use a sudo command with -s options for keeping
>> environment variables for users account(sudoer). I also know -s option
>> runs the shell specified by the SHELL environment variable. But the
>> SHELL environment variable can be manipulated by other users having
>> the same privilege.
>>
>> So, I think an adversary is able to abuse the changing SHELL
>> environment variable for privilege escalation like a video below. (I
>> assume the adversary owned the permission for executing a shell on a
>> remote)
>>
>> https://youtu.be/JSQjIm7377o (unlisted state)
>>
>> I know it is uncertain when the sudo is executed with -s option by sudoer.
>>
>> Anyway, I have thought of the solutions to the issue below.
>>  - using a pkexec of a Policy kit,
>>  - disable a ptrace function via kernel.yama.ptrace_scope, CAP_SYS_PTRACE.
>>
>> Could you give some advice and comments?
>>
>> Thx.
>>
>>


Re: Which one is better solution?

2018-12-15 Thread Shea Alterio
As far as I know, pkexec doesn't validate arguments, so it might not be
ideal if you are worried about people trying to trick it.

On Sat, Dec 15, 2018 at 6:15 AM JungHwan Kang  wrote:

> Sometimes, I use a sudo command with -s options for keeping
> environment variables for users account(sudoer). I also know -s option
> runs the shell specified by the SHELL environment variable. But the
> SHELL environment variable can be manipulated by other users having
> the same privilege.
>
> So, I think an adversary is able to abuse the changing SHELL
> environment variable for privilege escalation like a video below. (I
> assume the adversary owned the permission for executing a shell on a
> remote)
>
> https://youtu.be/JSQjIm7377o (unlisted state)
>
> I know it is uncertain when the sudo is executed with -s option by sudoer.
>
> Anyway, I have thought of the solutions to the issue below.
>  - using a pkexec of a Policy kit,
>  - disable a ptrace function via kernel.yama.ptrace_scope, CAP_SYS_PTRACE.
>
> Could you give some advice and comments?
>
> Thx.
>
>


Which one is better solution?

2018-12-15 Thread JungHwan Kang
Sometimes, I use the sudo command with the -s option for keeping
environment variables for the user's account (sudoer). I also know the -s option
runs the shell specified by the SHELL environment variable. But the
SHELL environment variable can be manipulated by other users having
the same privilege.

So, I think an adversary is able to abuse the changing SHELL
environment variable for privilege escalation like a video below. (I
assume the adversary owned the permission for executing a shell on a
remote)

https://youtu.be/JSQjIm7377o (unlisted state)

I know it is uncertain when the sudo is executed with -s option by sudoer.

Anyway, I have thought of the solutions to the issue below.
 - using a pkexec of a Policy kit,
 - disable a ptrace function via kernel.yama.ptrace_scope, CAP_SYS_PTRACE.

Could you give some advice and comments?

Thx.
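
An added example, not code from any poster in this thread: a POSIX shell audit of the two settings the original message names, the kernel.yama.ptrace_scope value and the SHELL variable that `sudo -s` would run. The function names are hypothetical, and treating /etc/shells plus file permissions as the trust test for SHELL is an assumption of this sketch, not something the thread prescribes.

```shell
#!/bin/sh
# Added example (hypothetical helper names): inspect the two settings named in
# the thread before trusting `sudo -s`.

# Print the kernel.yama.ptrace_scope value; the path is a parameter for testing.
read_ptrace_scope() {
    f=${1:-/proc/sys/kernel/yama/ptrace_scope}
    [ -r "$f" ] || return 1          # Yama not built in or not enabled
    tr -d '[:space:]' < "$f"
}

# Translate the value into the behaviour documented for the Yama LSM.
ptrace_scope_meaning() {
    case "$1" in
        0) echo "classic: same-uid processes may attach to each other" ;;
        1) echo "restricted: only descendants or declared tracers may attach" ;;
        2) echo "admin-only: attaching requires CAP_SYS_PTRACE" ;;
        3) echo "no attach: ptrace attach is disabled until reboot" ;;
        *) echo "unknown"; return 1 ;;
    esac
}

# Succeed only if the SHELL value is an absolute path, is listed in the shells
# file (assumed trust list), is a regular file, and is not writable by group
# or others.
shell_is_trusted() {
    candidate=$1
    shells_file=${2:-/etc/shells}
    case "$candidate" in /*) ;; *) return 1 ;; esac
    [ -r "$shells_file" ] && [ -f "$candidate" ] || return 1
    grep -v '^#' "$shells_file" | grep -Fxq -- "$candidate" || return 1
    # -H resolves a symlink such as /bin/sh so the real file's mode is tested.
    loose=$(find -H "$candidate" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)
    [ -z "$loose" ]
}

# Report for the current session.
scope=$(read_ptrace_scope) || scope=unavailable
echo "kernel.yama.ptrace_scope=$scope: $(ptrace_scope_meaning "$scope" || true)"
if shell_is_trusted "${SHELL:-}"; then
    echo "SHELL=$SHELL is listed in /etc/shells and not group/world-writable"
else
    echo "SHELL=${SHELL:-unset} failed the checks; unset it before running sudo -s"
fi
```
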