Re Kubuntu 64bit, several issues
Dennis Kaarsemaker
dennis at kaarsemaker.net
Sun Aug 14 06:09:22 CDT 2005
On zo, 2005-08-14 at 11:30 +0100, Tristan Wibberley wrote:
> Something I'm concerned about sudo, and this is relevant for su also. If
> my user account is compromised, an attacker that gets to run a program
> locally through, say, a zlib bug, could alias sudo to grab my password,
> unalias sudo, then fail
It could also simply create a sheel that is setuid'ed to your account.
Or other nasty things. This is not a sudo/su problem.
> Also, is there any chance that synaptic could be made to run its sources
> list editor via sudo so that could be restricted further.
You mean typing your password again when already being root? That would
just be a pain in the butt...
> BTW, when I first installed Ubuntu (I think it was the one before hoary,
> or hoary). The sudoers file had nothing in except root ALL=(ALL) ALL
> and, I think, a Defaults line. I couldn't find any way to make me able
> to run administrative tools except by enabling root login to set up
> sudoers. Has this been fixed in Breezy (I'm currently running Breezy),
> if so how does it now work?
If you installed warty with the server option, it would not setup sudo.
This has been fixed long since.
--
Dennis K.
- Linux for human beings: http://www.ubuntulinux.org
- Linux voor normale mensen: http://www.ubuntulinux.nl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050814/998284b9/attachment.pgp
More information about the ubuntu-devel
mailing list