Bugtraq mailing list archives

Re: hole in sudo for MP-RAS.


From: cschuber () uumail gov bc ca (Cy Schubert - ITSD Open Systems Group)
Date: Mon, 12 Jan 1998 15:20:49 -0800


There is a bug in sudo versions (at least) 1.5.2 and 1.5.3 on NCR's MP-RAS
that makes it trivial to bypass sudo's restrictions.  I reported this to
the sudo-bugs address given in the source on 12/23/97, but never heard back,
so screw 'em.  It is important to note that MP-RAS is one of the platforms
listed in the RUNSON file included with the distribution, so there are
probably many people running this; I imagine you will want to reconsider it
if you are one of them.

This bug exists on all platforms.  Sudo does not handle relative directories
properly.  ../../../usr/bin/date would also bypass the access list.

In short, inclusion lists are safe.  Exclusion lists are not safe.

--jml



Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber () uumail gov bc ca
                                       Cy.Schubert () gems8 gov bc ca

                "Quit spooling around, JES do it."
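As an added illustration (not from the post and not sudo's own code), a small Python model of the matching logic the post describes: checking the requested command string against an exclusion list lets a relative spelling of the same binary through, whereas canonicalising the path before the comparison, or using an inclusion list, does not. The working directory and the list contents are constructed for the example.

```python
import os

# Constructed access lists for the model (illustration only).
DENY = {"/usr/bin/date"}             # exclusion list: everything but date
ALLOW = {"/usr/bin/ls", "/bin/cat"}  # inclusion list: only these commands


def naive_excluded(cmd: str) -> bool:
    """Exclusion check on the raw string, the weak form from the post:
    '../../../usr/bin/date' is not literally in DENY, so it is not excluded."""
    return cmd in DENY


def canonical(cmd: str, cwd: str) -> str:
    """Resolve the requested command to an absolute, normalised path relative
    to the caller's working directory.  normpath collapses '..' and '.'; no
    symlink resolution is done so the model runs offline on constructed paths."""
    return os.path.normpath(os.path.join(cwd, cmd))


def allowed_by_exclusion(cmd: str, cwd: str) -> bool:
    """Exclusion list done properly: canonicalise, then compare."""
    return canonical(cmd, cwd) not in DENY


def allowed_by_inclusion(cmd: str, cwd: str) -> bool:
    """Inclusion list: permit only if the canonical path is explicitly listed.
    Anything spelled differently still resolves to a path that must be in ALLOW."""
    return canonical(cmd, cwd) in ALLOW


if __name__ == "__main__":
    cwd = "/home/user/tmp"  # constructed working directory
    for cmd in ("/usr/bin/date", "../../../usr/bin/date", "/usr/bin/./date"):
        print(f"{cmd:26} naive excluded={naive_excluded(cmd)!s:5} "
              f"canonical excluded={not allowed_by_exclusion(cmd, cwd)!s:5} "
              f"inclusion allows={allowed_by_inclusion(cmd, cwd)}")
```

Only the literal spelling trips the naive exclusion check; the canonical forms block every spelling of the denied binary, and the inclusion list never admits it.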


