|
Full Disclosure
mailing list archives
Re: I find a bug
From: Jamie Riden <jamie.riden () gmail com>
Date: Tue, 18 Jan 2011 11:12:39 +0000
Also sudo vi, :!bash.
That's why you need to be aware of what sudo access you're granting -
it's more useful as a tool for keeping audit logs - together with
remote syslogging - for well-meaning administrators than it is at
stopping people from getting root.
cheers,
Jamie
2011/1/18 我是王子 <tradeprince () qq com>:
hello,
I found a bug,
run [sudo strace su] command can get root privileges without any password.
bill
------------------ Original ------------------
From: "Steve Beattie"<sbeattie () ubuntu com>;
Date: Thu, Jan 13, 2011 08:01 PM
To: "ubuntu-security-announce"<ubuntu-security-announce () lists ubuntu com>;
Cc: "full-disclosure"<full-disclosure () lists grok org uk>;
"bugtraq"<bugtraq () securityfocus com>;
Subject: [USN-1042-2] PHP5 regression
--
ubuntu-security-announce mailing list
ubuntu-security-announce () lists ubuntu com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Jamie Riden / jamie () honeynet org / jamie.riden () gmail com
http://uk.linkedin.com/in/jamieriden / Mobile: 07545 502 598
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
| 
