The UNIX and Linux Forums  




Thread: sudo question
#5
04-17-2008
melias
 

I understand how sudo works.

How does sudo stop my above example from occurring?
The user copies the bash executable to another name. This copy occurs with normal access rights, because /usr/bin/bash has read access for everyone.
No sudo authentication has occurred.
The user either copies, or moves, the bash executable to another name, say /home/user/this_is_not_bash.
Still no sudo authentication.

Now, the same user runs "sudo /home/user/this_is_not_bash".
Sudo checks the sudoers file, and there is no restriction on running /home/user/this_is_not_bash (or any other name the user decides on).

The user has now been elevated to root.

The bash executable has NOT been copied to another user's profile; it is being used to elevate (or switch) to another user's account.

How do I stop this from occurring?
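Added example, not part of the original post: the rule shape that allows the renamed-copy scenario described above, next to an allowlist rule that does not. It assumes the sudoers entry grants ALL and subtracts the shell by path; the user name `user1`, the alias `SVC_CMDS` and the listed commands are hypothetical.

```sudoers
# --- Weak: grant everything, then subtract named binaries -------------
# sudo matches the negation against the path the user types, not the
# contents of the file. /home/user/this_is_not_bash does not match
# "!/usr/bin/bash", so it falls through to ALL and runs as root.
# The sudoers manual warns that subtracting commands from ALL with "!"
# is generally not effective for exactly this reason.
user1   ALL = (root) ALL, !/usr/bin/bash, !/bin/sh

# --- Corrected: grant only the commands the user needs ----------------
# Anything not listed is denied, so a renamed copy of a shell (under any
# name, in any directory) is rejected by default.
# Hypothetical commands; substitute the real administrative tasks.
Cmnd_Alias SVC_CMDS = /usr/sbin/apachectl restart, \
                      /usr/sbin/apachectl graceful

user1   ALL = (root) SVC_CMDS

# Requirements for the allowlist to hold:
#  - every listed binary, and every directory on its path, must be
#    writable only by root, otherwise the user can replace the binary;
#  - do not list programs that can spawn a shell or run arbitrary
#    commands (editors, pagers, interpreters), since they reintroduce
#    the same problem from inside an allowed command.
```

Check the file syntax with `visudo -c` before relying on it, and confirm what the user is actually permitted to run with `sudo -l -U user1`.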