sudo security concerns ?
Colin Watson
cjwatson at canonical.com
Fri Nov 26 08:16:33 CST 2004
On Fri, Nov 26, 2004 at 02:21:19PM +0100, Eric Feliksik wrote:
> That's interesting. But how can a program become root if sudo requires a
> user's password, other than sniffing keystrokes for that users' password?
Wait for a root shell to be opened inside a terminal running as that
user, and inject commands into it. (There are plenty of other less
obvious ways.)
--
Colin Watson [cjwatson at canonical.com]
More information about the ubuntu-devel
mailing list