Bugtraq mailing list archives

Re: 'sudo' recommendations


From: cschuber () uumail gov bc ca (Cy Schubert)
Date: Wed, 18 Nov 1998 17:06:18 -0800


In message <Pine.LNX.3.96.981118164632.6555C-100000 () enigma repsec com>,
Brian Martin writes:
I'd like to thank Mr. Miller for maintaining the 'sudo' package, as well
as having the foresight to address the potential security concerns as
outlined above.

You can also issue sudo -k to delete the sudo ticket before running
something potentially dangerous.

The problem you discuss is also an issue with Kerberos.  Any potential
attacker could use cached Kerberos tickets to gain access to hosts,
services, or privileges.  To circumvent this, kdestroy your Kerberos
ticket or log in as a different user.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  Cy.Schubert () uumail gov bc ca
ITSD                                   Cy.Schubert () gems8 gov bc ca
Government of BC
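
The following is an added example, not part of the original post: a shell wrapper that drops the cached sudo ticket and Kerberos credentials described above, confirms they are gone, and only then runs a command. The function names are hypothetical, and the sketch assumes a current sudo (for `sudo -n`) and an MIT or Heimdal `klist` (for `klist -s`).

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Usage: run_without_cached_creds ./some-untrusted-program

# Invalidate the sudo ticket, then confirm sudo would now prompt.
# Returns 1 if sudo still works without a password (for example a NOPASSWD
# rule, or running as root), because "sudo -k" cannot protect against that.
drop_sudo_ticket() {
    command -v sudo >/dev/null 2>&1 || return 0   # no sudo, nothing cached
    sudo -k
    if sudo -n true 2>/dev/null; then
        echo "sudo still runs without a password; refusing" >&2
        return 1
    fi
    return 0
}

# Destroy the Kerberos credential cache, then confirm no valid ticket remains.
drop_krb_tickets() {
    command -v klist >/dev/null 2>&1 || return 0  # no Kerberos client tools
    klist -s 2>/dev/null || return 0              # no valid tickets cached
    kdestroy 2>/dev/null
    if klist -s 2>/dev/null; then
        echo "Kerberos tickets still cached; refusing" >&2
        return 1
    fi
    return 0
}

# Run "$@" only after both credential caches are confirmed empty.
run_without_cached_creds() {
    drop_sudo_ticket || return 1
    drop_krb_tickets || return 1
    "$@"
}
```

The verification step matters because `sudo -k` only removes the timestamp: an account with passwordless sudo rights is just as exposed after it as before.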


