Hacking sudoers
Steffan A. Cline
steffan at hldns.com
Sat May 31 00:47:52 EDT 2003
This would need to have the s bit set on it right? Could this be done inside
of a dylib that is loaded into Lasso? I didn't think it was possible. That
is why I have been fooling with sudo.
Steffan
---------------------------------------------------------------
T E L 6 0 2 . 5 7 9 . 4 2 3 0 | F A X 6 0 2 . 9 7 1 . 1 6 9 4
Steffan A. Cline
Steffan at ExecuChoice.net Phoenix, Az
http://www.ExecuChoice.net USA
AIM : SteffanC ICQ : 57234309
The Executive's Choice in Lasso driven Internet Applications
---------------------------------------------------------------
> From: bob at proulx.com (Bob Proulx)
> Date: Fri, 30 May 2003 20:48:43 -0600
> To: "Steffan A. Cline" <steffan at hldns.com>
> Cc: sudo-workers at sudo.ws
> Subject: Re: Hacking sudoers
>
> Steffan A. Cline wrote:
>> I need to do the following:
>> 1. Remove any logging
>> 2. Remove any emails.
>> 3. authenticate as target
>> 4. timestamp time out is immediate
>> 5. passwd timeout is immediate
>> 6. disable all unnecessary options
>> 7. disable lecture
>> 8. only callable by lasso user
>> 9. do not use sudoers file.
>
> Looking at this list makes me wonder. Are you really in need of sudo
> at all? For this list of requirements isn't a simple little C program
> suid wrapper what you are looking for?
>
> Let me include a simple C program which you could use as a wrapper for
> other programs. I have used it to wrap shell scripts. It is
> reasonably secure although I won't claim it is perfect. Although it
> is more dependent upon the security of the program you are running
> with it. Customize the top two configuration items and then compile
> and go.
>
> Bob
>
> /*
> * cc -o wrapper wrapper.c
> * chown username:groupname wrapper
> * chmod u+s wrapper
> */
>
> #include <stdio.h>
> #include <stdlib.h>   /* exit(), putenv() */
> #include <unistd.h>
>
> enum { GOODUSER = 1000 };   /* the only real uid allowed to run this */
>
> const char myprog[] = "/root/bin/myprog";
>
> int main(void)
> {
>     /* Refuse every caller except the one permitted account. */
>     if (getuid() != GOODUSER)
>         exit(1);
>     /* Hand the wrapped program a known PATH and IFS, not the caller's. */
>     putenv("PATH=/bin:/usr/bin");
>     putenv("IFS= \t\n");
>     /* Make the real ids match the effective (file owner) ids, group first,
>      * and stop if either switch fails rather than run with mixed ids. */
>     if (setgid(getegid()) != 0 || setuid(geteuid()) != 0) {
>         perror("setuid");
>         exit(1);
>     }
>     execl(myprog, myprog, (char *)0);
>     fprintf(stderr, "Could not execute %s\n", myprog);
>     perror("exec");
>     exit(1);
> }
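As an added example (this is not Bob's program and not part of the original thread), the same wrapper idea carried through with the checks a reviewer would ask for before trusting a setuid binary: the caller is identified by real uid only, the target's environment is rebuilt from a short allowlist instead of scrubbed, the target file itself is verified to be a non-writable regular file owned by root or the wrapper's owner, supplementary groups are dropped, and every id switch is checked. GOOD_UID and TARGET are hypothetical configuration values; TAINTED_ENV is a constructed sample used only to exercise the environment check.

```c
/* Added example, not Bob's wrapper: a setuid wrapper for one fixed program
 * with explicit checks. GOOD_UID and TARGET are hypothetical configuration
 * values; TAINTED_ENV is a constructed sample for the environment check. */
#define _GNU_SOURCE 1   /* exposes setgroups() on glibc and musl */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define GOOD_UID ((uid_t)1000)                 /* the only real uid allowed to call us */
static const char TARGET[] = "/root/bin/myprog";  /* hypothetical wrapped program */

/* The target never sees the caller's environment: it is rebuilt from scratch
 * rather than scrubbed, so nothing the caller set can leak through. */
static char *const SAFE_ENV[] = { "PATH=/bin:/usr/bin", "IFS= \t\n", NULL };

/* Constructed sample of an environment a caller might hand a wrapper. */
static char *const TAINTED_ENV[] = { "PATH=/bin", "LD_PRELOAD=/tmp/untrusted.so", NULL };

/* Only the real uid identifies the caller; the effective uid is already the owner's. */
int caller_allowed(uid_t real_uid) { return real_uid == GOOD_UID; }

/* Returns 1 when every NAME=value entry uses a name from the allowlist. */
int env_is_allowlisted(char *const env[]) {
    static const char *const allowed[] = { "PATH", "IFS" };
    for (size_t i = 0; env[i] != NULL; i++) {
        const char *eq = strchr(env[i], '=');
        if (eq == NULL) return 0;                       /* malformed entry */
        size_t name_len = (size_t)(eq - env[i]);
        int ok = 0;
        for (size_t j = 0; j < sizeof allowed / sizeof allowed[0]; j++) {
            if (strlen(allowed[j]) == name_len &&
                strncmp(env[i], allowed[j], name_len) == 0) ok = 1;
        }
        if (!ok) return 0;
    }
    return 1;
}

/* The wrapper is only as safe as what it runs: insist on an absolute path to a
 * regular file owned by root or by `owner`, and writable by nobody else. */
int target_is_trusted(const char *path, uid_t owner) {
    struct stat st;
    if (path[0] != '/' || stat(path, &st) != 0) return 0;
    if (!S_ISREG(st.st_mode)) return 0;
    if (st.st_uid != 0 && st.st_uid != owner) return 0;
    if (st.st_mode & (S_IWGRP | S_IWOTH)) return 0;
    return 1;
}

int main(void) {
    char *const argv[] = { (char *)TARGET, NULL };

    if (!caller_allowed(getuid())) {
        fputs("wrapper: caller not permitted\n", stderr);
        return 1;
    }
    if (!target_is_trusted(TARGET, geteuid())) {
        fputs("wrapper: target is not a trusted executable\n", stderr);
        return 1;
    }
    if (!env_is_allowlisted(SAFE_ENV)) {   /* catches a careless edit to SAFE_ENV */
        fputs("wrapper: environment not allowlisted\n", stderr);
        return 1;
    }
    /* Switch real ids to the binary owner's, supplementary groups first, and
     * treat any failure as fatal instead of continuing with mixed ids. */
    if (setgroups(0, NULL) != 0 || setgid(getegid()) != 0 || setuid(geteuid()) != 0) {
        perror("wrapper: privilege switch");
        return 1;
    }
    execve(TARGET, argv, SAFE_ENV);
    perror("wrapper: execve");
    return 1;
}
```

Install it the way Bob's header comment describes (compile, chown to the account the program should run as, chmod u+s). The three checks are separate functions so they can be exercised as an ordinary user; only the id switch and the exec need the setuid bit.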