Re: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))

To: debian-user@lists.debian.org
Subject: Re: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
From: Greg Wooledge <greg@wooledge.org>
Date: Fri, 20 May 2022 21:20:21 -0400
Message-id: <[🔎] Yog+Vagiy+IS1p0N@wooledge.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 62883547.6010506@fastmail.fm>
References: <[🔎] CAFMGiz_a2dxp00o=Q25adA_34QZEexQx-9MC3qW0Z3CrxiNbbw@mail.gmail.com> <[🔎] 87k0aiaqj9.fsf@penguin> <[🔎] CAJmb-Ynr2z2itWuutocfQPEmxLecgGUqD0b5ogOvz8-1ixMomg@mail.gmail.com> <[🔎] YogyJalFMcX6FL2y@axis.corp> <[🔎] 62883547.6010506@fastmail.fm>

On Fri, May 20, 2022 at 08:41:43PM -0400, The Wanderer wrote:
> On 2022-05-20 at 20:28, David Wright wrote:
> > $ function /usr/bin/sudo { echo teehee; }
> > $ /usr/bin/sudo whatever
> > teehee
> > $ 
> 
> A quick test demonstrates that this can be worked around via the 'unset'
> command:

Until you define a function named unset.

But the real point here is that you should only use sudo or su (or doas
or any other program that reads your password) from a trusted environment.
What you definitely should NOT do is get called by a coworker, go over to
their workstation, hear the description of a problem, and try to fix it
from their computer, where they may have overridden su/sudo/etc.

Go back to your own desk first, and fix it from there.

Reply to:

Follow-Ups:
- Re: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
  - From: The Wanderer <wanderer@fastmail.fm>

References:
- setting path for root after "sudo su" and "sudo" for Debian Bullseye (11)
  - From: Tom Browder <tom.browder@gmail.com>
- Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11)
  - From: 황병희 <soyeomul@doraji.xyz>
- Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11)
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>
- Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11)
  - From: David Wright <deblis@lionunicorn.co.uk>
- Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
  - From: The Wanderer <wanderer@fastmail.fm>

Prev by Date: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
Next by Date: Re: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
Previous by thread: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
Next by thread: Re: Avoiding command hijacking in shells (was Re: setting path for root after "sudo su" and "sudo" for Debian Bullseye (11))
Index(es):
- Date
- Thread