[sudo-users] How to prevent privilege escalation attacks through sudo?
David
wizzardx at gmail.com
Thu Jan 25 07:25:21 EST 2007
Something which might help:
http://en.wikipedia.org/wiki/Secure_attention_key
Maybe sudo can be setup to only run if the user in that term has
recently hit the SAK? Maybe combine this with a pid check, along with
more paranoid restrictions on TTY tickets.
Also SAK would only work if the user is physically at the machine he's
running sudo on.
More information about the sudo-users
mailing list