[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Todd Miller Sudo local root exploit discovered by Slouching

On 3/4/2010 11:11 AM, noone@xxxxxxxxxxx wrote:
Its not a sudo local root exploit, its an exploit in a misconfigured sudo file.

If it's a misconfiguration, then why'd they release a patch?

From http://www.sudo.ws/sudo/stable.html:

Major changes between version 1.7.2p3 and 1.7.2p4:

* Fix a bug that could allow users with permission to run sudoedit to run arbitrary commands.