From owner-freebsd-stable Sat Dec 23 11:20:55 2000
Date: Sat, 23 Dec 2000 22:20:24 +0300
From: Igor Robul
To: FreeBSD stable
Subject: Re: Security problem with "script"?
Message-ID: <20001223222024.A7570@linux.rainbow>
Reply-To: igorr@crosswinds.net
References: <20001007031416.A1389@freebsd.mindspring.com>
In-Reply-To: <20001007031416.A1389@freebsd.mindspring.com>; from david.kanter@mindspring.com on Sat, Oct 07, 2000 at 03:14:16AM -0500

On Sat, Oct 07, 2000 at 03:14:16AM -0500, David J. Kanter wrote:
> I don't know if this is an issue or not, but using the script program with
> sudo seems to switch the sudoer's id to root.

This is not a security problem. This is a stupid "root" :-)
"script" just starts a shell. So /bin/sh is vulnerable to this "exploit" too:

sudo /bin/sh

will give you a root shell. If, of course, you are allowed to start /bin/sh
with sudo.

This was explained some months ago to another person :-)

-- 
Igor Robul, Unix System Administrator & Programmer @ sanatorium "Raduga",
Sochi, Russia
http://www.brainbench.com/transcript.jsp?pid=304744
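
An added example, not part of the message above: a small audit that lists sudoers rules granting "script", a shell, or ALL, since each of those hands the user a root shell as the reply describes. The parser is simplified, and the sample rules, user names and every shell in the list other than script and sh are assumptions constructed for illustration.

```python
import os
import re

# Assumption: basenames treated as handing out an interactive shell. "script" and
# "sh" come from the thread; the other shells are added here, and the list is
# deliberately short (editors and pagers with shell escapes are not covered).
SHELL_SPAWNERS = {"script", "sh", "csh", "tcsh", "bash", "ksh", "zsh"}

RUNAS = re.compile(r"^\([^)]*\)\s*")      # (root), (ALL : ALL)
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")   # NOPASSWD:, SETENV:, ...

# Constructed sample sudoers content (not taken from any real system).
SAMPLE = """\
# constructed sample
Defaults env_reset
User_Alias ADMINS = alice
david   ALL = /usr/bin/script
igor    ALL = (root) NOPASSWD: /bin/sh, /sbin/shutdown -r now
backup  ALL = /usr/local/bin/dump-home
%wheel  ALL = (ALL) ALL
"""

def audit_sudoers(text):
    """Return (lineno, who, command) for rules worth reviewing.

    Simplified parser: one rule per line, no alias expansion, no line
    continuations, '#' always starts a comment. Rules that pin arguments
    are still reported and need a manual look.
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        first = line.split(None, 1)[0] if line else ""
        if not line or first.startswith("Defaults") or first.endswith("_Alias"):
            continue
        lhs, sep, rhs = line.partition("=")
        if not sep or not lhs.split():
            continue
        who = lhs.split()[0]
        for spec in rhs.split(","):
            cmd = TAGS.sub("", RUNAS.sub("", spec.strip()))
            if not cmd or cmd.startswith("!"):
                continue  # negated entries are not grants
            if cmd == "ALL" or os.path.basename(cmd.split()[0]) in SHELL_SPAWNERS:
                findings.append((lineno, who, cmd))
    return findings

if __name__ == "__main__":
    for lineno, who, cmd in audit_sudoers(SAMPLE):
        print(f"line {lineno}: {who} may run {cmd} -> effectively a root shell")
```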