I like to be able to run some commands installed via Homebrew without typing my sudo password. The problem is that Homebrew installs everything with user permissions, so if I add the executables to sudo’s NOPASSWD list (via user ALL = (ALL) NOPASSWD: ...), these files can be replaced and so any arbitrary program can run as sudo.
chowning the executables would also be problematic, as it will break Homebrew’s update mechanism. Homebrew can’t be installed on the root account either. What should I do?
I need to back up files with preserved attributes from a source workstation to a LAN server (both on Linux Mint, the server is running sshd and Samba). One of the solutions which preserves files’ source attributes is to run rsync over ssh, something like this:
rsync -a --rsync-path="sudo rsync" -e ssh /media/user1/source user2@server:/media/user2/destination/
However, for this to work as expected, rsync needs to be added to the sudoers list as NOPASSWD on the server side:
This setup makes backing up with attribute preservation work fine. But how secure is it to have a passwordless rsync on the server? Is it inviting problems? Or am I thinking too much? Our main security concern is unauthorised copying of sensitive data by a motivated hacker. Clearly if you can sudo rsync you can send any file from the server to an arbitrary internet location.
What are your thoughts? If it’s that bad, any suggestions on a LAN backup which would preserve attributes from the source on the LAN workstation?
I want to split my terminal sessions to different users, to compartmentalize them.
If I sudo -i -u user1 in one terminal window, can user1 attack my main session?
Everyone talks about sudo to escalate privileges, but I want to reduce them.
Some apps (GitHub being the most prominent IMHO) allow using a U2F token as a means of validation for “sudo mode” (potentially dangerous actions in the UI like creating a new token) instead of a password.
Intuitively it seems not very safe, as a stolen device will most probably still contain the U2F token. Am I missing something that makes it safe enough?
I have access to a server via RCE over HTTP: I can send POST requests to the server which result in command execution. I am attempting to escalate privileges via sudo (su is not installed).
The server is heavily firewalled and there are no writeable directories/files within the web application.
My objective is to experiment with the sudo command to escalate privileges, but because the command execution is not in a TTY, I am unable to execute the sudo command.
Is it possible to execute a command like sudo -S in a non-TTY shell?
Maybe using python’s pty module to spawn /bin/sh, but what about a method to just execute a single binary with some parameters passed to it like sudo -S <command> within/as a TTY shell?
To summarize: Is there a way to run sudo in a single line in a non-TTY shell?
For example I am trying to run sudo with these parameters:
echo <password> | sudo -S id
Is it safer to do:
$ sudo [cmd] [args] [enter user password]
$ su - [enter root password] # [cmd] [args]
I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is run as sudo’s first arg is run with sudo’s effective ID, which is root.
My question is: does sudo ever eventually drop its effective ID to the normal user’s? In that case, number 1 above would be a safer bet, because IF the program/service that sudo is running is compromised by an attacker, then there is a chance that the attacker is not running as root, because the privilege has already been dropped (kind of like a race condition)? But compared to number 2, any program compromised while running as root is detrimental.
I have recently had issues with my VPS host constantly asking for my password through an insecure portal and then sending it via insecure email. I then asked them about changing the root username to a sudo user via SSH and they actively discouraged me. I am questioning their security and considering re-hosting. So I have a few questions.
- Is changing to a sudo user a good idea?
- Any recommended hosts that actually take security seriously?
- Same who will move everything for me? Any ideas on who will help? Just so all the DNS stacks up and the SSL certificate works from off the bat.
Thanks everyone. Andy
sudo is sometimes used to give untrusted or “semi-trusted” users the ability to perform certain tasks as root, while not giving them unlimited root access. This is usually done via an entry in /etc/sudoers, specifying which programs can be executed.
However, some programs may provide more (no pun intended) functionality than expected, such as find, which offer to execute other programs – most notably a shell.
Usually, which programs are safe to execute depends on the knowledge of the sysadmin. Certain binaries like cat are most likely safe (i.e. don’t allow the user to spawn a shell), while others like the examples above are known to be exploitable.
Is there a way to assess with reasonable confidence whether or not an executable is “safe” to be given sudo permissions for? Or is the only way a comprehensive source-code audit?
In response to cat not being safe: Yes, it can be used to read sensitive files as root. In some setups, this may be the intended use-case (e.g. a limited user being able to read as root, but not write).
Furthermore, to comments or answers explaining to me that sudo is not the correct way to grant read permissions like this: I know. I am absolutely aware how a file-system should be structured, but due to the nature of my work, I can’t influence how file-systems are structured on those servers. All I can do is to see which recommendation fixes the immediate problem. So please, don’t challenge the frame of the question. I don’t have an XY-problem.
After reading about the recently discovered vulnerability in sudo, I decided to update to 1.8.28 manually. I downloaded the deb file from sudo.ws and used dpkg to install it, and it failed due to lack of dependencies.
sudo dpkg -i debs/sudo_1.8.28-1_ubu1804_i386.deb
(Reading database ... 232031 files and directories currently installed.)
Preparing to unpack .../sudo_1.8.28-1_ubu1804_i386.deb ...
Unpacking sudo:i386 (1.8.28-1) over (1.8.27-1ubuntu1.1) ...
dpkg: dependency problems prevent configuration of sudo:i386:
 sudo:i386 depends on libc6.
 sudo:i386 depends on libpam0g.
 sudo:i386 depends on libpam-modules.
 sudo:i386 depends on zlib1g.
 sudo:i386 depends on libselinux1.
 sudo:i386 depends on libaudit1.
dpkg: error processing package sudo:i386 (--install):
 dependency problems - leaving unconfigured
Processing triggers for man-db (2.8.5-2) ...
Errors were encountered while processing:
 sudo:i386
After that I can’t call sudo any more, and it seems to be damaged, because I can locate it in
l /usr/bin/sudo
-rwsr-xr-x 1 root root 479K Oct 10 20:15 /usr/bin/sudo
Since there is no root user available on Ubuntu, I was wondering if there is any solution other than rebooting as root in
With the news of the vulnerability found in sudo versions prior to 1.8.28, I am trying to upgrade to that version, but have had no luck. I did sudo apt-get update and sudo apt-get upgrade and sudo continues to be at the same version. I even tried sudo apt-get upgrade sudo and it says it’s at the latest, which cannot be entirely true since 1.8.28 was released earlier today.
How does one typically go about updating packages using apt-get to the latest versions?