[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: If you care about debian's security read this

On Sun, 3 Mar 2002 21:16:13 +0100
Josip Rodin <joy@cibalia.gkvk.hr> wrote:

> Ah, I read a bit better now and noticed:
>  kov     ALL = (root)
> So it's not that serious indeed.
ok, I think you guys don't know enough about sudo to understand
the problem and Branden is blindly trusting his coleagues without
taking the time to look at the problem

this is my sudoers line:

kov     ALL = (root) NOPASSWD: /usr/sbin/chroot, /usr/sbin/pbuilder,
PASSWD: /usr/bin/apt-get

it means that 'kov' from ALL hosts = allowed to run as root without
being asked for a password commands chroot, pbuilder and is allowed
to run as root after being asked *kov's* password the program apt-get

so, notice that sudo never asks the root password and with that sudoers
line my user cannot run /bin/sh

now, for gnome-sudo to run your user needs to be able to run
/usr/lib/gnome-sudo/gnome-sudo-helper with the "target user"
(root, in this case)

but gnome-sudo-helper is a script that calls any command you ask it
to... so having it on /etc/sudoers is the same as making /bin/sh
setuid... or replacing the user's uid with '0'... as Joey Hess said
it is easier to run gnome as root if you are to use gnome-sudo

I guess that when an admin installs a package it wants it to work,
if it comes from Debian the admin may blindly trust the package and
open that root whole

Notice that Jeff agreed that this bug was grave (he is the original
submitter after we talked about this on debian-devel) and now, because
his package depends on gnome-sudo and it was not fixed in time he wants
to force its acceptance in woody

I strongly recommend that you use xsu instead... it is not a root hole...


kov@debian.org: Gustavo Noronha <http://www.metainfo.org/kov>
Debian: <http://www.debian.org> * <http://debian-br.cipsga.org.br>

Reply to: