Homebrew and NOPASSWD sudo

I like to be able to run some commands installed via Homebrew without typing my sudo password. The problem is that Homebrew installs everything with user permissions, so if I add the executables to sudo’s NOPASSWD list (via user ALL = (ALL) NOPASSWD: ...), these files can be replaced and so any arbitrary program can run as sudo. chowning the executables would also be problematic, as it will break Homebrew’s update mechanism. Homebrew can’t be installed on the root account either. What should I do?

How bad is rsync with no-password sudo?

I need to backup files with preserved attributes from a source workstation to a LAN server (both on Linux Mint, the server is running sshd and Samba). One of the solutions which preserves files’ source attributes is to run rsync over ssh, something like that:

rsync -a --rsync-path="sudo rsync" -e ssh /media/user1/source user2@server:/media/user2/destination/ 

However for this to work as expected, rsync needs to be added to the sudoer list as NOPASSWD on the server side:

user2 ALL=NOPASSWD:/usr/bin/rsync 

This setup makes backing up with attribute preservation work fine. But how secure it is to have a passwordless rsync on the server? Is it inviting problems? Or I’m thinking too much? Our main security concern is unauthorised copying of sensitive data by a motivated hacker. Clearly if you can sudo rsync you can send any file from the server to an arbitrary internet location.

What are your thoughts? If it’s that bad, any suggestions on a LAN backup which would preserve attributes from the source on the LAN workstation?

U2F instead of password for “sudo mode”?

Some apps (Github being the most prominent IMHO) allow using U2F token as a means of validation for “sudo mode” (potentially dangerous actions in UI like creating a new token) instead of password.

Intuitively it seems not very safe as a stolen device will most probably still contain the U2F token. Am I missing something that makes it safe enough?

Exectuting sudo command in one line within a non-tty shell

I have access to a server via RCE over http, I can send post requests to the server which results in command execution. I am attempting to escalate privileges via sudo (su is not installed).

The server is heavily firewalled and there are no writeable directories/files within the web application.

My objective is to experiment with the sudo command to escalate privileges but because the command execution is not TTY; I am unable to execute the sudo command.

Is it possible to execute a command like sudo -S in a non-TTY shell?

Maybe using python’s pty module to spawn /bin/bash or /bin/sh, but what about a method to just execute a single binary with some parameters passed to it like sudo -S <command> within/as a TTY shell?

To summarize: Is there a way to run sudo in a single line in a non-TTY shell?

For example I am trying to run sudo with these parameters:

echo <password> | sudo -S id

Does sudo ever de-escalate privilege while the program/command/service is running?

For Example

Is it safer to do:

  1. $ sudo [cmd] [args] [enter user password]


  1. $   su - [enter root password] # [cmd] [args]   

I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is run as sudo’s first arg is run with the sudo’s effective ID, which is root.

my question is: Does sudo ever eventually drops its effective ID to the normal user’s? Then in that case, number 1 above would be a safer bet, because IF the program/service that sudo is running with is compromised by an attacker, then there is a chance that the attacker is not running as root, because the privilege has already been dropped (kind of like a race condition)? But compare to the number 2, then any program compromised while running as root is detrimental.

Changing VPS username ‘Root’ to a sudo

I have recently had issues with my VPS host and them constantly asking for my password through insecure portal and then sending it via insecure email. I then asked them about changing the root username to a sudo via SSH and they have actively discouraged me. I am questioning their security and considering re-hosting. So I have a few questions.

  1. Is changing to a sudo a good idea?
  2. Any recommended hosts that actually take security seriously?
  3. Same who will move everything for me? Any ideas on who will help? Just so all theDNS stacks up and the SSL certificate works from off the bat.

Thanks everyone.. Andy

How can one tell if a binary is safe to give sudo permissions for to an untrusted user?

sudo is sometimes used to give untrusted or “semi-trusted” users the ability to perform certain tasks as root, while not giving them unlimited root access. This is usually done via an entry into /etc/sudoers, specifying which programs can be executed.

However, some programs may provide more (no pun intended) functionality than expected, such as more, less, man or find, which offer to execute other programs – most notably a shell.

Usually, which programs are safe to execute depends on knowledge of the sysadmin. Certain binaries like echo or cat are most likely safe (i.e. don’t allow the user to spawn a shell), while others like the examples above are known to be exploitable.

Is there a way to assess with reasonable confidence whether or not an executable is “safe” when given sudo permissions for? Or is the only way a comprehensive source-code audit?

In response to cat not being safe: Yes, it can be used to read sensitive files as root. In some setups, this may be the intended use-case (e.g. a limited user being able to read as root, but not write).

Furthermore, comments or answers explaining to me that sudo is not the correct way to grant read permissions like this: I know. I am absolutely aware how a file-system should be structured, but due to the nature of my work, I can’t influence how file-systems are structured on those servers. All I can do is to see which recommendation fixes the immediate problem. So please, don’t challenge the frame of the question. I don’t have an XY-problem.

command not found: sudo

After reading about the lately discovered vulnerability with sudo, I decided to update to 1.8.28 manually. I downloaded deb file from sudo.ws and used dpkg to install it, and it failed due to lack of dependencies.

sudo dpkg -i debs/sudo_1.8.28-1_ubu1804_i386.deb  (Reading database ... 232031 files and directories currently installed.) Preparing to unpack .../sudo_1.8.28-1_ubu1804_i386.deb ... Unpacking sudo:i386 (1.8.28-1) over (1.8.27-1ubuntu1.1) ... dpkg: dependency problems prevent configuration of sudo:i386: sudo:i386 depends on libc6. sudo:i386 depends on libpam0g. sudo:i386 depends on libpam-modules. sudo:i386 depends on zlib1g. sudo:i386 depends on libselinux1. sudo:i386 depends on libaudit1.  dpkg: error processing package sudo:i386 (--install): dependency problems - leaving unconfigured Processing triggers for man-db (2.8.5-2) ... Errors were encountered while processing: sudo:i386 

After that I can’t call sudo any more and it seems to be damaged cause I can locate it in /usr/bin/sudo:

l /usr/bin/sudo -rwsr-xr-x 1 root root 479K Oct 10 20:15 /usr/bin/sudo 

Since there is no Root user available on Ubuntu I was wondering if there is any solution other than rebooting as root in recovery mode?

how to update sudo package version

with the news of the vulnerability found in sudo versions prior to 1.8.28, I am trying to upgrade to that version, but have had no luck. I did sudo apt-get update and sudo apt-get upgrade and sudo continues to be at the same version. Even tried sudo apt-get upgrade sudo and it says it’s at the latest, which cannot be entirely true since 1.8.28 was released earlier today.

How does one typically go about updating packages using apt-get to latest versions?