[sudo-users] sudo 1.7.4p5 security fix; question...
highc at stny.rr.com
highc at stny.rr.com
Wed Jan 19 13:42:53 EST 2011
I'm trying to determine if my team is exposed to the security concern
fixed in 1.7.4p5, described as follows:
http://www.gratisoft.us/sudo/security.html
"A potential security issue exists in the handling of sudo's -g command
line option when -u is not specified. Affected sudo versions are 1.7.0
through 1.7.4p4. The flaw may allow a user to run commands as a group
without being prompted for a password."
It is my expectation, there is no exposure if a team has not yet
implemented a 'group' run as; for instance, if all of the 'run as'
entries, the following would not trigger an exposure:
dgb boulder = (opuid) /bin/ls, (root) /bin/kill, /usr/bin/lprm
While this second version would:
dgb boulder = (opuid : opgrp ) /bin/ls, (root) /bin/kill, /usr/bin/lprm
Further, even if the second version were used, if NOPASSWD were coded
with it, there would be no additional exposure?
Thanks,
Chris.
More information about the sudo-users
mailing list