Malware City/Blog/

Feb
20
Filed Under:
MISCELLANEOUS

Sudo considered harmful

20 February 2009
Buggy old bad idea

Fresh off the presses, but not covered by the mainstream press, we have a freshly-patched vulnerability in Ubuntu Linux  sudo to talk about.

CVE-2009-0034  is a bug that affects versions 8.04 and 8.10 of the popular distribution,  but it is also an object lesson on the inherent tension between security and usability.

On smost *nix systems, the administrator account, called root, has ultimate power over, well, everything. Wielding that power is sometimes left to a select group, called "wheel", consisting of user accounts permitted to "take on the mantle of authority", so to speak, and switch from being their usual selves , "mranderson" or "user278", to being "root" and issuing commands which can affect the whole system as such.

To do this, one needs to have a valid account with a password on that machine, to know the password  to the root account, to be in the "wheel" group and to know the magic words, which happen to be "su root". Pretty good security.

Now, what sudo does is offer a convenient way to do stuff as if you were another user, such as root, yet without switching personas. To use sudo, your account needs to be listed in another special file, called "sudoers" and you need to know the password to your own user account and the magic words, which are "sudo ".

This is very much like what Vista UAC does when you try to install trojans on your new laptop.

The sudoers file, in the default configuration, lists only accounts allowed to run stuff with root privileges. Yet sudo can be configured, via the same file, to allow user accounts to run programs with the privileges of other user accounts.

If you were a diligent little admin using Ubuntu and you took advantage of this feature to allow sally the remote user to sometimes print stuff by running the printing stuff as a local user (since only local users are allowed to print stuff in your highly secure system), well, sally could have used the the vulnerable sudo to run stuff as root and do all sorts of nasty things like peek in others' e-mail (and if you angered her, she just might have).

Of course, not using the dubious convenience offered by sudo would have spared you the pain in the first place.




Article rating:

  • Share our story:
  • Share on Twitter
By Razvan Stoica
Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When BitDefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Related

13-02-2009 | Microsoft Offers Ransom for E-threat Authors

06-02-2009 | CNN's legal security blunder

04-02-2009 | How big is the so-called Downadup pandemic after all?

29-01-2009 | Net Neutrality Wars

Comment on this

Name:

Email:

Website:

Your email adress will not be published.