[UFO Chicago] sudo exploit

Peter A. Peterson II pedro@tastytronic.net
Wed, 18 Jul 2001 15:55:17 -0500

Quoting Nick Moffitt:
> > sudo, an application that allows users to be given the ability to
> > execute commands with the permissions of other users or the root
> > user, has a buffer overflow that can be exploited to execute
> > arbitrary commands with the permissions of the root user. 
> 	This buffer overflow is the nasty.  I expect a debian update
> out shortly.

Right. It seems to me the issue is actually: "what is the greater
security risk?" Having a root shell that you *might* be careless with?
Or having another suid binary? I'm not particularly concerned about a
buffer overflow exploit with sudo, since it would have to come from an
insider -- how that insider gets onto flynn is then the more paramount
security issue. And, with Debian, I am fairly well assurred (as Nick
pointed out) that a security update will come down the pipe within a day
or two. So maybe I'm a wuss for saying that I like the safety catch that
sudo provides to me, as opposed to a root shell that I might leave
logged in for someone to access on a console, much less do something
drastic myself. As the adage goes, "The sysadmin is the system's
greatest threat."


Peter A. Peterson II, CEO Users of Free Operating Systems, Chicago USA
http://ufo.chicago.il.us -- Free Software Rules -- Proprietary Drools!