IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sudo]

`sudo` is a command that allows a user to use commands with the privileges of another user, usually the root user.

sudo is a command that allows a user to use commands with the privileges of another user, usually the root user.

The difference with su is that su allows a user to become another user, and remain that user until they log out. sudo, by contrast, allows a user to execute one commend with another users privileges.

To use sudo, a user needs to enter their password, to once again verify that they are who they claim to be. Note that it is the user's own password, not the root password, that is required to use sudo.

On some systems, like Ubuntu, the root user is disabled by default, to prevent people from gaining root access by guessing the password. A user with the appropriate sudo privileges can then perform commands with root privileges by prefixing their command with sudo.

78 questions
2
votes
1 answer

Why is sudo's usage of timestamp files insecure?

Sudo and Opendoas on Linux use timestamp files to keep track of how long it's been since you've last entered your password. Doas on BSD uses a kernel feature instead. Why is the latter considered more secure?
glibg10b
  • 23
  • 2
2
votes
1 answer

Possible to inject in the middle of a ROOT NOPASSWD command with a wild card?

I'm testing for privilege escalations on a Ubuntu 18.04 host, and after running sudo -l , I've discovered a couple of root NOPASSWD commands for a standard user (w/unknown password). These commands contain wild cards. Example: (root) NOPASSWD:…
Duck
  • 41
  • 3
2
votes
2 answers

How are docker containers affected by CVE-2021-3156?

Do docker (web service/server)s run unattended updates? Otherwise, how to do this? I am worried about the recent sudo -s CVE. How are docker containers affected? If I set up an auditing system with remote logging, and have unattended/security…
Julius Baer
  • 51
  • 7
2
votes
2 answers

On a single user laptop does it make sense to have a separte password for root and the user?

I have a laptop on which I'm the only user. While installing the laptop I was wondering why I should choose a different password for the root account and user account. My reasoning is: The change of finding a valid password doubles if the user and…
Martijn de Munnik
  • 121
  • 1
2
votes
1 answer

Homebrew and NOPASSWD sudo

I like to be able to run some commands installed via Homebrew without typing my sudo password. The problem is that Homebrew installs everything with user permissions, so if I add the executables to sudo's NOPASSWD list (via user ALL = (ALL)…
HappyFace
  • 121
  • 3
2
votes
2 answers

Privilege Escalation TTY error while using sudo /usr/bin/vi command

I am currently trying to escalate my privileges on an Ubuntu box. When I enumerated the server and run "sudo -l" command, I found out /usr/bin/vi set to (root) NOPASSWD. (root) NOPASSWD: /usr/bin/vi /var/www/html/* Then I wanted to use vi for my…
Blacklion
  • 93
  • 9
2
votes
1 answer

sudo -u vs sudoedit

I have read on the internet that you have to use sudoedit instead of sudo vim. I understand why this is and should be used so you can't just edit root-user files. However I would like to manage a nologin user (service account that run a single…
C-3Pi-O
  • 21
  • 1
2
votes
1 answer

Is it a good practice to make sudo ask for root password in a single-user system?

I have a server where I am the only normal user and I need to have password-based authentication enabled for SSH. I have configured iptables with recent module which throttles SSH connections and root logins over SSH are disabled. However, let's say…
Martin
  • 361
  • 2
  • 8
  • 16
1
vote
1 answer

is copy pasting sudo password from opened document a possible vulnerability?

During setup of my ubuntu systems after installing the system offline i open a textfile and change my sudo password by typing it into a textfile and paste it after so that i don't lock myself out by accident. My passwords are 20 characters long and…
Junior J. Garland
  • 677
  • 5
  • 15
1
vote
2 answers

Shellshock plus sudo/su environment whitelist bypass - big problem?

The question is: How big a problem is this? Looks pretty big to me. With the shellshock bug it is possible to bypass the whitelist of known-harmless environment variables in sudo, as well as other routes to execution of code as high-privileged…
Ben
  • 3,697
  • 1
  • 18
  • 24
1
vote
2 answers

How to securely use `pass`, `sudo`, and `npm` on the same machine

TL;DR: running npm i ... not long after pass my-password allows a malicious package to steal my entire password store. I use pass as a password manager, on Linux. And like probably all Linux users, I use sudo to run commands as root. The first time…
Zwyx
  • 13
  • 2
1
vote
1 answer

Security difference between changing permissions versus using sudo to execute

If there is a program written by a normal user that requires root privileges (eg. a program that interacts with root processes) what is the difference between running this program using sudo vs. changing the program permissions with chown root and…
durestudios
  • 11
  • 1
1
vote
1 answer

How to fine tune timing for CVE-2021-3156 (sudo privilege escalation)?

I am trying to execute the sudo buffer overflow (CVE-2021-3156) on one of my systems, but haven't got it working yet. The system is definitely vulnerable (taking into account sudo version and sudoedit -A -s \\ output (malloc error). I created a VM…
Tom Atix
  • 166
  • 4
1
vote
0 answers

Can a sudo account access my browser sessions (e.g. Stack Exchange) remotely?

Suppose I am logged in to Stack Exchange on Firefox on my work computer. This session is clearly stored as a cookie (or something else), because it persists when I reboot the computer. I have sudo access on my computer, but so does the network…
wimi
  • 141
  • 5
1
vote
1 answer

Java application run as root

I'm testing Linux server where Java web application is run as root, I typed: >ps aux in the result I see: root 18265 (...) Sl+ 19:52 0:37 java -Xmx2g -jar test_app.jar what is the best explanation for admins to convince them to run…
user187205
  • 1,163
  • 3
  • 15
  • 24
1 2
3
4 5 6