cross-platform virus
john
gmatht at gmail.com
Sun Apr 9 12:16:59 BST 2006
On Sun, Apr 09, 2006 at 10:37:57AM +0000, Yuki Cuss wrote:
> On Sun, 2006-04-09 at 10:49 +1000, Peter Garrett wrote:
> > Indeed, you are right - perhaps the sudo "ticket" in this case should
> > apply only for the app concerned. Not sure if that is possible, but this
> > does look like a loophole.... Any app requiring sudo seems to open happily
> > without a password if started after, say, synaptic during the time out
> > period. : ( ...
>
> Not a loophole at all; that's the entire *point* of sudo - that it won't
> ask for another password. That usefulness is greatly reduced when you
> start saving tokens per-program/command line.

This seems wrong somehow:

sh-3.00$ cat ~/bin/evil.sh
sudo echo Mwahaha! Pwned!!!
sh-3.00$ sudo echo SomeAdminTask
SomeAdminTask
sh-3.00$ evil.sh
Mwahaha! Pwned!!!

I would have expected that sudo would check that the PPID was the same
as when the ticket was granted.

OTOH, evil.sh could just do

echo alias sudo=steal-password >> ~/.bashrc

To do this evil.sh wouldn't even have to have a valid ticket.

IMHO most software should be constrained by something like
http://plash.beasts.org/
or
http://www.systrace.org/
Which ensure that these applications can only access those files and
syscalls that they have been specifically allowed.
--
John C. McCabe-Dansted
Masters Student
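
Added example, not part of the original message: a POSIX shell check for the start-up-file change the post describes, where a line such as `alias sudo=...` is appended to ~/.bashrc. It also flags shell functions named sudo, which goes beyond the alias case in the post; the function name scan_sudo_shadowing and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report shell start-up file lines that redefine `sudo`.
# Usage on a real account (file list is an assumption, adjust per shell):
#   scan_sudo_shadowing ~/.bashrc ~/.bash_aliases ~/.profile ~/.bash_profile

scan_sudo_shadowing() {
    # Keep only readable regular files so awk never waits on stdin
    # or aborts on a missing path.
    for f in "$@"; do
        shift
        if [ -f "$f" ] && [ -r "$f" ]; then
            set -- "$@" "$f"
        fi
    done
    [ "$#" -gt 0 ] || return 1

    # Prints file:line:text per hit; exit status 0 if any hit, 1 if none.
    awk '
        /^[ \t]*#/ { next }          # ignore full-line comments
        {
            # Pad the line so one separator class also covers line start/end.
            line = " " $0 " "
            if (line ~ /[;&| \t]alias[ \t]+([^#]*[ \t])?sudo=/ ||
                line ~ /[;&| \t]sudo[ \t]*\(\)/ ||
                line ~ /[;&| \t]function[ \t]+sudo[ \t{]/) {
                printf "%s:%d:%s\n", FILENAME, FNR, $0
                hits++
            }
        }
        END { exit (hits > 0 ? 0 : 1) }
    ' "$@"
}

# Constructed sample: a start-up file after the append shown in the post.
demo=$(mktemp)
printf '%s\n' 'export EDITOR=vi' 'alias sudo=steal-password' > "$demo"
scan_sudo_shadowing "$demo" || echo "no sudo overrides found"
rm -f "$demo"
```

This is a triage scan: it does not follow files pulled in with `source`, and it does not look at PATH changes.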