I wouldn't be surprised if the number of systems affected by the vuln that *aren't* already intrinsically vulnerable to nasty privescs because the configuration is a terrible idea when working as intended is, well, essentially 0.
Since people still don't understand the vulnerable config: you have to allow $someone to sudo into *ANY USER* (not one specifically, *ANY*), which means giving them root, and then add an *exception* to take root away (but still let them become *any* other user).
To illustrate why this is a ridiculous idea and gives you root anyway even if sudo didn't have the bug: 'adm' is a member of 'disk' which can write to raw block devices, so you can just sudo to 'adm' instead of root and edit the sudoers file, or give suid to /bin/sh.
So if there are people there who actually had the sample config in the vuln report, they are vulnerable to all hell and back *anyway*, and if they've been trying to play whack-a-mole by excluding all "root-equivalent" user accounts, that's a ridiculous idea and they'll miss one.
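As an added example, not code from any of the tweets above: a small audit script that scans a sudoers file for the configuration the thread describes, a runas list of ALL with negated exceptions, and flags every such entry as root-equivalent no matter which users are excluded. The sudoers content below is constructed for the demo; the `(ALL, !root)` runas syntax is standard sudoers syntax.

```python
import re

# Constructed sample sudoers content (not taken from the thread): two entries
# use the "any user, minus exceptions" pattern, the others are ordinary rules.
SAMPLE_SUDOERS = """\
Defaults env_reset
root    ALL=(ALL:ALL) ALL
alice   ALL=(ALL, !root) ALL
bob     ALL=(ALL, !root, !admin) /usr/bin/vim
carol   ALL=(www-data) /usr/bin/systemctl restart nginx
%deploy ALL=(deploy) NOPASSWD: /usr/local/bin/deploy.sh
"""

# user  host=(runas_users[:runas_groups]) commands
RUNAS_RE = re.compile(r"^(\S+)\s+(\S+)\s*=\s*\(([^)]*)\)\s*(.*)$")


def parse_runas(spec):
    """Split a '(users[:groups])' runas spec into allowed and negated user names."""
    users = spec.split(":", 1)[0]
    allowed, denied = set(), set()
    for tok in (t.strip() for t in users.split(",")):
        if not tok:
            continue
        if tok.startswith("!"):
            denied.add(tok[1:].strip())
        else:
            allowed.add(tok)
    return allowed, denied


def find_root_equivalent_entries(sudoers_text):
    """Return (user, runas_spec, reason) for every entry whose runas list is ALL
    with exclusions. Such a rule is root-equivalent with or without the sudo
    bug: some non-root account will always reach root, so a deny list of
    'root-equivalent' users is whack-a-mole and the rule itself is the finding.
    Simplification: '#include'/'#includedir' directives are skipped, not followed.
    """
    findings = []
    for line in sudoers_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RUNAS_RE.match(line)
        if not m:
            continue
        who, _host, runas, _cmds = m.groups()
        allowed, denied = parse_runas(runas)
        if "ALL" in allowed and denied:
            reason = "runas ALL with exclusions %s: root-equivalent" % sorted(denied)
            findings.append((who, runas, reason))
    return findings
```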
I wondered why none of my systems seemed to be affected - I checked them before they were auto-updated and I couldn't trigger the bug.
I could on Devuan, because even after removing myself from /etc/groups and /etc/gshadow the OS decided to ignore my choices, keeping an /etc/group-. Dear OS: I know how to do an init=/bin/sh, so let me do the stupid stuff I want, I don't need your magic.
I was thinking this but assumed I was missing something or there was some use case outside of my experience where this would make sense.
Thank you! I have been annoyed about this all day
It worked on my laptop :/
Are you sure you don't have sudo root enabled for your user already? What is your sudoers config?