26 Jan
2009
26 Jan
'09
10:39
https://bugzilla.novell.com/show_bug.cgi?id=468923
User koenig@linux.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=468923#c5
--- Comment #5 from Harald Koenig
so, is there a security bug in sudo itself or is it about "how to escape into root via an arbitrary command, run from sudo?"
yes, it's a real bug for a valid sudoers file (but not for the default sudoers settings). sudo developer Todd C. Miller already offered a patch for the problem in 1.6.9p19 which I just verified for our use case. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.