SUICIDAL "sudo" command ??
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: SUICIDAL "sudo" command ??

  1. #1
    Junior Member
    Join Date
    Aug 2002
    Posts
    5

    SUICIDAL "sudo" command ??

    Hi All,
    This is my very first post to Forum, infact to AO.
    I wanted to know the significance/relevance of the putting "sudo" command that is usually there is most Unix, Linux System. If this command is an ALTERNATIVE-TO-ROOT. Then isn't this SUICIDAL. Does this make a log if yes then in which file.

    To put some pretext for the Query lemme say...
    I tried this command to alter permission of so-called READONLY "passwd" file, as an ordinary user & I succeeded. Successively I was able to add one user having rOOt PoweRs (Don't ask me how?) whichout even root to letting it know . Now the Question is How could I change "passwd" [ or "shadow" file, as I did ]. Is there any "sudo" log that would have an entry of this.


    ThanX in adVANce

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    man sudo?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    To allow a user to use sudo to get teh 1337 r00t powerz you need to add the user to the /etc/sudoers file

    also you can specify which commands the user can execute (even which variables he is allowed to use with the command)

    try man sudo or even better this page: http://www.courtesan.com/sudo/intro.html
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  4. #4
    Junior Member
    Join Date
    Aug 2002
    Posts
    5
    Thx SirDice ..But the system I'm working on [ MPRAS-UNIX] has no manual Entry on this.
    ;-(.

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    See the link The_Jinx posted, you can also find the man pages there.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    Junior Member
    Join Date
    Aug 2002
    Posts
    5
    Thx the_JinX for the Link. It really has substancial Info.

  7. #7
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    NoProblem

    Yup..
    I went there while I was writing my lame tutorial on "chroot shells"..
    That needed sudo and I allways shunned sudo out of a (unneeded) fear of the command..

    Historicaly sudo has been abbused a lot by exploits and the likes..
    But current versions are safe to use(tm)
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Yep, sudo is relatively safe. You just need to watch what kind of commands you're enabling...

    There is no easy way to prevent a user from gaining a root shell if that user is allowed to run arbitrary commands via sudo. Also, many programs (such as editors) allow the user to run commands via shell escapes, thus avoiding sudo's checks.
    Source man sudo.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    Junior Member
    Join Date
    Aug 2002
    Posts
    5
    thx again !! the_JinX, SirDice.
    Right Now my head is in the sudo-link...dupppp..

    Hey..one sec.. another Doubt.
    Assume if I could change "passwd" file for myself to be root. Then I CAN do anything with "/etc/sudoers" file & also I can remove entries from it's log files.
    Isn't that a hole. If not then what's the patch.


    Thx again in advancE.


  10. #10
    Junior Member
    Join Date
    Aug 2004
    Posts
    3
    Hello EveryOne, I'd the same doubt. Any Suggestions ???
    [gloworange]NeOnD[/gloworange][glowpurple]...007[/glowpurple]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •