Can we please stop talking about that sudo bug? It only affects systems using an insane configuration (allow $command as anyone *but* root). I can't come up with any situation where that configuration makes any sense (vs e.g. "allow $command as any member of a given group").
Since people still don't understand the vulnerable config: you have to allow $someone to sudo into *ANY USER* (not one specifically, *ANY*), which means giving them root, and then add an *exception* to take root away (but still let them become *any* other user).
To illustrate why this is a ridiculous idea and gives you root anyway even if sudo didn't have the bug: 'adm' is a member of 'disk' which can write to raw block devices, so you can just sudo to 'adm' instead of root and edit the sudoers file, or give suid to /bin/sh.
So if there are people there who actually had the sample config in the vuln report, they are vulnerable to all hell and back *anyway*, and if they've been trying to play whack-a-mole by excluding all "root-equivalent" user accounts, that's a ridiculous idea and they'll miss one.
New conversation
In a well-closed system, sudo is used precisely to give very selective access to a certain account and / or a certain command. It is precisely those systems that will suffer from this bug. So it hits where it hurts the most.
No, because the bug only affects sudoers files configured to allow people to run a command as *literally anyone but root*. Not "one user". Literally "any user, including numeric users, except root". That kind of configuration makes *no sense*.
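An added audit check, not code from the thread: it scans a sudoers-style file for the exact shape the posts above describe, a Runas list that grants "anyone" and then subtracts root with "!", and contrasts it with rules that name the target user or group directly. The sample files are constructed here; the assumption is that the file uses standard sudoers syntax.

```sh
#!/bin/sh
# Added example: flag sudoers rules whose Runas list (the part in parentheses)
# excludes a user with "!" instead of naming the allowed target user or group.

# Constructed sample standing in for /etc/sudoers (assumption: standard syntax).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# full-line comment mentioning (ALL, !root) must be ignored
Defaults        env_reset
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(ALL, !root) /usr/bin/vim            # "anyone but root": flagged
bob     ALL=(www-data) /usr/bin/systemctl restart nginx
carol   ALL=(ALL, !#0) /bin/bash                  # same idea with a numeric uid: flagged
EOF

# Constructed clean file: every rule names its target user or group explicitly.
CLEAN=$(mktemp)
cat > "$CLEAN" <<'EOF'
%admin  ALL=(ALL) ALL
bob     ALL=(www-data) /usr/bin/systemctl restart nginx
dave    ALL=(%backup) /usr/local/bin/run-backup
EOF

# Print the rule lines (full-line comments dropped) whose parenthesised Runas list
# contains a "!" negation. Always exits 0 so it is safe to call under set -e.
negated_runas_lines() {
    grep -v '^[[:space:]]*#' "$1" | grep -E '\([^)]*![^)]*\)' || true
}

# Number of such lines, as a plain integer for scripted checks.
count_negated_runas() {
    negated_runas_lines "$1" | grep -c . || true
}

echo "Rules with a negated Runas list in $SAMPLE:"
negated_runas_lines "$SAMPLE"
echo "count: $(count_negated_runas "$SAMPLE")"
```

A non-zero count is the cue to rewrite the rule to name the intended target user or group, as the rules for bob and dave do.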
New conversation
It really seems like only configs with a copy+error or bad search+replace that went unnoticed are affected.