Isn't the real meat of this issue the commands an unprivileged user is
permitted to execute via sudo?
Sudo isn't a blanket 'execute anything' unless it's set up that way.
Instead, you should carefully choose the specific command(s) that the user
needs to be allowed to execute. That should
John Richard Moser [EMAIL PROTECTED] writes:
My conclusion is that the only real way to protect against this is for
bash to look for every binary in your path when you don't specify a
path; and check to see if any of those binaries is SUID. If even one
is, it should FLAT OUT IGNORE any
On Fri, 24 Mar 2006, Dave Korn wrote:
John Richard Moser wrote:
Here is a simple hack to break sudo and su to get free root. Add this
to ~/.bashrc and fill in the following blanks:
* ~/.root_kit/rk_su
Your hacked su to give root on su --now-dammit
* ~/.root_kit/silent_install_root_kit
Your
So, in other words, all you need in order to get root access is a
rootkit, your shell script, and root access? Ummm... I don't get it.
I was also confused by this. However, one guess is that by
compromising an unprivileged account and creating command aliases to
run trojaned su and sudo
On Friday, March 24 at 07:05 PM, quoth Dave Korn:
Here is a simple hack to break sudo and su to get free root. Add
this to ~/.bashrc and fill in the following blanks:
* ~/.root_kit/rk_su
Your hacked su to give root on su --now-dammit
* ~/.root_kit/silent_install_root_kit
Your script to
John Richard Moser wrote:
Here is a simple hack to break sudo and su to get free root. Add this
to ~/.bashrc and fill in the following blanks:
* ~/.root_kit/rk_su
Your hacked su to give root on su --now-dammit
* ~/.root_kit/silent_install_root_kit
Your script to silently install rk_su
