Re: sudo and UNIXes

To: debian-user@lists.debian.org
Subject: Re: sudo and UNIXes
From: Lars Noodén <lars.nooden@gmail.com>
Date: Mon, 28 Oct 2013 15:56:32 +0200
Message-id: <[🔎] 526E6D10.5070402@gmail.com>
In-reply-to: <[🔎] 20131028134702.GA23316@x101h>
References: <[🔎] 1382614959.670.2.camel@archlinux> <[🔎] 20131025012648.GA28581@hysteria.proulx.com> <[🔎] 5269D17C.6090504@optonline.net> <[🔎] 20131025183155.GB9627@hysteria.proulx.com> <[🔎] 20131025234110.478c8065ddd992139a38bc3e@gmail.com> <[🔎] CAOdo=SyHvrF=gPje83ryhjf+iyrLc6AqMTdHbJbJtfDFoWttBg@mail.gmail.com> <[🔎] 20131026011611.f2a1e103756681a7d0e858e0@gmail.com> <[🔎] CAOdo=SyowAJfhFf+4y-m52cew4OdCYHOG894yufXtGBnYXK3LA@mail.gmail.com> <[🔎] 20131027113150.5d165f99e540507a9892132f@gmail.com> <[🔎] 1b38nmdqfg.fsf@snowball.wb.pfeifferfamily.net> <[🔎] 20131028134702.GA23316@x101h>

On 10/28/2013 03:47 PM, Reco wrote:
> On Sun, Oct 27, 2013 at 09:28:51PM -0600, Joe Pfeiffer wrote:
[snip]
>> You also have to add to the picture such a vulnerability, and I haven't
>> noticed any.
> 
> If we're speaking of public vulnerabilities:
> 
> CVE-2010-0427.
> CVE-2013-1775 (allows bypass sudoders modification to retain root
> privileges).

CVE-2010-0427 may be the better example of the two, though it relies on
a special configuration.

CVE-2013-1775 is a rather contrived case and needs physical access.  The
general perception is that the game is over anyway when there is
physical access.

/Lars

Reply to:

Follow-Ups:
- Re: sudo and UNIXes
  - From: Reco <recoverym4n@gmail.com>

References:
- Re: audacity export wma format[1 more question]
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: audacity export wma format[1 more question]
  - From: Bob Proulx <bob@proulx.com>
- Re: audacity export wma format[1 more question]
  - From: Doug <dmcgarrett@optonline.net>
- Re: audacity export wma format[1 more question]
  - From: Bob Proulx <bob@proulx.com>
- Re: sudo and UNIXes (was: audacity export wma format[1 more question])
  - From: recoverym4n@gmail.com
- Re: sudo and UNIXes (was: audacity export wma format[1 more question])
  - From: Tom H <tomh0665@gmail.com>
- Re: sudo and UNIXes (was: audacity export wma format[1 more question])
  - From: Reco <recoverym4n@gmail.com>
- Re: sudo and UNIXes (was: audacity export wma format[1 more question])
  - From: Tom H <tomh0665@gmail.com>
- Re: sudo and UNIXes (was: audacity export wma format[1 more question])
  - From: Reco <recoverym4n@gmail.com>
- Re: sudo and UNIXes
  - From: Joe Pfeiffer <pfeiffer@cs.nmsu.edu>
- Re: sudo and UNIXes
  - From: Reco <recoverym4n@gmail.com>

Prev by Date: Re: sudo and UNIXes (was: audacity export wma format[1 more question])
Next by Date: Re: sudo and UNIXes (was: audacity export wma format[1 more question])
Previous by thread: Re: sudo and UNIXes
Next by thread: Re: sudo and UNIXes
Index(es):
- Date
- Thread