MISCELLANEOUS

Sudo considered harmful

Buggy old bad idea

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

MicrosoftInternetExplorer4

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}

Fresh
off the presses, but not covered by the mainstream press, we have a freshly-patched
vulnerability in Ubuntu Linux  sudo to
talk about.

CVE-2009-0034
 is a bug that affects versions 8.04 and
8.10 of the popular distribution,  but it
is also an object lesson on the inherent tension between security and
usability.

On
smost *nix systems, the administrator account, called root, has ultimate power
over, well, everything. Wielding that power is sometimes left to a select
group, called “wheel”, consisting of user accounts permitted to “take
on the mantle of authority”, so to speak, and switch from being their usual
selves , “mranderson” or “user278”, to being
“root” and issuing commands which can affect the whole system as
such.

To
do this, one needs to have a valid account with a password on that machine, to
know the password  to the root account,
to be in the “wheel” group and to know the magic words, which happen
to be “su root”. Pretty good security.

Now,
what sudo does is offer a convenient way to do stuff as if you were another
user, such as root, yet without switching personas. To use sudo, your account
needs to be listed in another special file, called “sudoers” and you
need to know the password to your own user account and the magic words, which
are “sudo <whatever you wanna do>”.

This
is very much like what Vista UAC does when you try to install trojans on your
new laptop.

The
sudoers file, in the default configuration, lists only accounts allowed to run
stuff with root privileges. Yet sudo can be configured, via the same file, to
allow user accounts to run programs with the privileges of other user accounts.

If
you were a diligent little admin using Ubuntu and you took advantage of this
feature to allow sally the remote user to sometimes print stuff by running the
printing stuff as a local user (since only local users are allowed to print
stuff in your highly secure system), well, sally could have used the the
vulnerable sudo to run stuff as root and do all sorts of nasty things like peek
in others’ e-mail (and if you angered her, she just might have).

Of
course, not using the dubious convenience offered by sudo would have spared you
the pain in the first place.

About the author

Răzvan STOICA

Razvan Stoica is a journalist turned teacher turned publicist and
technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Razvan Stoica started off writing for a science monthly and was the chief
editor of a science fiction magazine for a short while before moving on to
the University of Medicine in Bucharest where he lectured on the English
language. Recruited by Bitdefender in 2004 to add zest to the company's
online presence, he has fulfilled a bevy of roles within the company since.

In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.