Unusual sudo / w behaviour - 0 users?
pfraser at gmail.com
Sun Jul 22 09:54:56 UTC 2007
On 7/22/07, Paul Fraser <pfraser at gmail.com> wrote:
> Hi Tom (and ports list by CC),
> After an upgrade to sudo v1.6.9 on my 6-STABLE workstation, I've
> noticed some interesting behaviour with regards to interaction between
> sudo and w.
Sorry to respond so shortly afterwards (especially to myself!), but
I've also confirmed this behaviour on a FreeBSD 6.2-RELEASE-p6 box
with sudo v1.6.9. Quite an interesting little bug with potentially
dangerous implications, since a user could hide from the "real"
administrator if (s)he were to compromise the box and at least
temporarily escalate themselves.
Paul Fraser // Independent Technical Consultant // Ph: +61 405 341 905
This correspondence and any related attachments are confidential.
Distribution, reproduction, or release (public domain or otherwise)
without the author's prior written consent is STRICTLY FORBIDDEN.
Failure to distribute any of the aforementioned without this footer
(intact and unmodified) is also STRICTLY FORBIDDEN. Failure to abide
by these terms and conditions can result in legal action.
If you have received this correspondance in error, or believe any of
these terms have been breached, you are requested to contact the
author immediately and take steps to destroy all copies in your
PGP KeyID: 0x64E635B1
Key fingerprint: CDA3 0797 68B9 0EC1 D4D3 A7B9 D7D7 4924 64E6 35B1
More information about the freebsd-ports