[sudo-users] Fwd: SUDO package for Sparc version 1.6.8p12

Harold Zatorski hz23116 at yahoo.com
Wed Jun 27 12:22:14 EDT 2007


If memory serves:

SUDO prevents shell escapes by using the LD_PRELOAD
variable to cause subsequent calls to the linker to
preload a sudo_noexec.so file.  That file is required
as is its dependencies.  It hooks the exec calls.

Be sure the libgcc file in question is in the libary
path of your system (ie: copy it there, set a LIBPATH
or use the crle command. 

BTW:  If you use the crle method... be sure to use the
'add' feature of the crle command to add additional
paths... it has a tendency to replace the
configuration file and will take a system down hard
requiring a CD boot to fix.

Cheers

--- Chris Jepeway <jepeway at blasted-heath.com> wrote:

> Can anybody help Tim out?  My involvement with sudo
> predates the NOEXEC tag.
> 
> Chris.
> 
> Begin forwarded message:
> 
> > From: "Manochehri, Tim"
> <Tim.Manochehri at blueshieldca.com>
> > Date: June 19, 2007 7:01:52 PM EDT
> > To: "jepeway" <www at blasted-heath.com>
> > Subject: SUDO package for Sparc version 1.6.8p12
> >
> > Hey Chris,
> >
> > I am having an issue with 'sudo' when NOEXEC is
> enabled.
> >
> > Here is my sudoers file.
> >
> > # sudoers file.
> > # This file MUST be edited with the 'visudo'
> command as root.
> > # User privilege specification
> > root    ALL=(ALL) ALL
> > %sysadmin       ALL=(ALL) ALL
> > %tsadmin        ALL=(iwui) ALL, (root) /usr/bin/su
> - iwui, (root)
> > /usr/bin/su - tsadmin, (root) /etc/init.d/iw* st*,
> (root)
> > /local/iw-home/private/bin/iwfsfix, (root)
> > /local/iw-home/private/bin/iwfsck, (root)
> /local/iw-home/bin/iwreset,
> > (root) /local/iw-home/bin/iwgroup, (root)
> /etc/init.d/iw.tsreport,
> > (root) /local/iw-home/iw-perl/bin/iwperl, (root)
> > /local/iw-home/bin/make_toolkit.ipl, (root)
> > /local/iw-home/eventsubsystem/bin/eventsubd.sh,
> (root) NOEXEC:
> > /usr/bin/vi 
> /local/iw-home/httpd/iw-bin/changePassword.cgi,
> (root)
> > NOEXEC: /usr/bin/vi 
> /local/iw-home/httpd/iw-bin/changePassword.cgi
> >
> >
> > When a user that is in the group tsadmin does a
> sudo vi with NOEXEC
> > enabled.
> >
> > I get this.
> >
> > # sudo /usr/bin/vi
> /local/iw-home/httpd/iw-bin/changePassword.cgi
> > Password:
> > ld.so.1: /usr/bin/vi: fatal: libgcc_s.so.1: open
> failed: No such file 
> > or
> > directory
> > Killed
> >
> > id
> > uid=67128(testme) gid=67002(tsadmin)
> >
> > Any ideas?
> >
> >
> > Tim Manochehri
> > Sr. Unix Systems Engineer
> > Bluedof California {EDH}
> > 916-350-8819
> >
> > Confidentiality Notice:  This e-mail message,
> including attachments, is
> > for the sole use of the intended recipient(s) and
> may contain
> > confidential and privileged information.  Any
> unauthorized review, use,
> > disclosure or distribution is prohibited.  If you
> are not the intended
> > recipient, please contact the sender by reply
> e-mail and destroy all
> > copies of the original message.
> >
> >
> 
>
____________________________________________________________
> 
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe,
> visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
> 



      ____________________________________________________________________________________
Luggage? GPS? Comic books? 
Check out fitting gifts for grads at Yahoo! Search
http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz



More information about the sudo-users mailing list