[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: sudoedit local privilege escalation through PATH manipulation
On 20/04/2010 8.42, Ansgar Wiechers wrote:
> Perhaps I'm missing something, but how is this a security flaw? A user
> who is allowed to run "sudoedit" can edit /etc/sudoers, and thus allow
> himself to run any command anyway.
> Ansgar Wiechers
In the configuration file (sudoers) you can specify the file that the
user is allowed to edit (http://www.gratisoft.us/sudo/man/sudoers.html).
The bug allow you to bypass these controls and gain root privileges.
Maurizio Agazzini CISSP, OPST
Senior Security Advisor
@ Mediaservice.net Srl Tel: +39-011-32.72.100
Via San Bernardino, 17 Fax: +39-011-32.46.497
10141 Torino - ITALY http://mediaservice.net/