Sudo Axes Escalation Glitch
Among the important benefits of Linux's permission hierarchy is its ability to keep untrusted users from running amok. The all-or-nothing nature of root access, however, can present headaches when users are trusted, but only so far. That is a problem the sudo utility attempts to solve, and does so fairly well — except for the occasional glitch. A glitch of this sort turned up last week, allowing less-privileged users to skirt around sudo's protections and gain the powers of other users, including the superpowers of root. The advisory notes that impact of the vulnerability is mitigated by the utility's defaults, however. Sudo versions 1.7.2p4 (now superseded by 1.7.2p5) and 1.6.9p21 patch the vulnerability. Mandriva, Red Hat, and Ubuntu have already pushed updated versions out to users.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.