|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Sudo: local root compromise with krb5 enabled
From: Todd C. Miller (Todd.Miller
courtesan.com)
Date: Thu Jun 07 2007 - 15:05:42 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In message <70f230c70706071255k7338dc5bn85bb1ac5fe6c2fc7mail.gmail.com>
so spake "Mark Senior" (senatorfrog):
> In other words, in the SuSE default config, sudo is just an
> overcomplicated su - to sudo something as root, you need not your own
> password, but root's - except you don't have to be in wheel to use it.
>
> If sudo is configured as above, and uses kerberos, then all users
> might be able to exploit this.
This bug does not affect builds of sudo that use PAM or BSD
authentication for password verification so there is really no
impact on SuSE.
- todd
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]