Potential bypass of Runas user restrictions in sudo

Posted on 2019-10-14 by pappp

Article note: It requires a rather atypical configuration, but... damn, that's a big edge condition oops. Basically, in some versions of sudo, if configured with an (ALL, !root) case, trying to run something as an invalid but representable UID (-1, 4294967295) will have the underlying syscalls reject _after_ the tests, and it will then run the command as... the sudo binary's SUID 0.

Comments

This entry was posted in News. Bookmark the permalink.

Leave a Reply Cancel reply

Search for:
Web Presence
- Lemmy
- last.fm
- Linkedin
Page Navigation
- About Me
- Schedule
- News
Meta
November 2024

S M T W T F S

1 2

3 4 5 6 7 8 9

10 11 12 13 14 15 16

17 18 19 20 21 22 23

24 25 26 27 28 29 30

« Oct
Recent Posts
Random Quote

We [Apple] have always been shameless about stealing great ideas.

— Steve Jobs
Categories
- Announcements
- Computers
- DIY
- Electronics
- Entertainment
- FoodBlogging
- General
- Literature
- Meta
- Music
- Navel Gazing
- News
- Objects
- OldBlog
- School
License

Unless otherwise noted, this work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.

Potential bypass of Runas user restrictions in sudo

Leave a Reply Cancel reply

Web Presence

Page Navigation

Meta

Recent Posts

Random Quote

Categories

License