Is my implementation/understanding of SUDO flawed?

Mon Feb 25 09:21:06 EST 2002

I'm thinking that you're asking for capabilities that sudo was never
meant to handle outside of the path issue.  The way I would tackle this
is  go through the initial pain to check all the scripts and
permissions, then setup tripwire to catch any changes to said scripts.

~JK

ian Laing wrote:
> 
> Hi,
> 
> Quick reply Todd for a Sunday evening - is it you or an automated response?
> 
> Unfortunately this is the lesser of the 2 problems, though thanks for the
> tip on with-secure-path.
> I tend to download pre-built AIX sudo from Bull freeware site, hence the
> downlevel code.
> Reckon I'll have to get to grips with gcc and try and build it myself -
> though since I'm downlevel on sudo the secure-path does the job just fine,
> for the short-term, and can live in the sudoers file.
> 
> I still think sudo is giving me a false sense of security with regards to
> some of the scripts I'm sudoing - no-one said sudo would protect me from
> mis-administration though ;-(
> Maybe someone's built a mod for cursory permission checking to stop someone
> using sudo to execute a command which they have write access to, which
> basically defeats one purpose of using sudo.
> 
> At worst I may write a wrapper for sudo, which to my mind is crazy, but at
> least it may give me more peace of mind that anyone,
> accidentally/deliberately, placing a command in the directory which has a
> mode of 777 won't jeapordise the system.
> 
> Cheerio,
> ian Laing
> 
> ----- Original Message -----
> From: "Todd C. Miller" <Todd.Miller at courtesan.com>
> To: "ian Laing" <ian.laing at btinternet.com>
> Cc: <sudo-users at sudo.ws>
> Sent: Sunday, February 24, 2002 9:38 PM
> Subject: Re: Is my implementation/understanding of SUDO flawed?
> 
> > In message <000701c1bd6d$5dfc8640$737c7ad5 at oemcomputer>
> > so spake "ian Laing" (ian.laing):
> >
> > > 1) The start/stop scripts don't sanitise the PATH, so if an operator
> starts
> > > with a PATH containing
> > > their personal home directory *first* then that is the PATH the scripts
> use.
> > > They can therefore subvert commands like echo with their own version and
> > > Unix will run that.
> > > Their own echo command can then simply contain a ksh to give them a root
> > > shell.
> >
> > You can use the --with-secure-path configure option to hard-code a path.
> >
> >  - todd
> 
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users

-- 
=====================
Jeff Kennedy
Unix Administrator
AMCC
jlkennedy at amcc.com