Language Selection

English French German Italian Portuguese Spanish

Sudo broken, sudo fixed

Filed under
Software

Linux and Mac OS X users and system administrators, and long before them, Unix users and sysadmins, have used sudo as an essential computer management tool. With it, users are given the power to make essential, but sometimes dangerous, changes to their systems. Recently a fundamental security bug in sudo was discovered, In some network this security hole could allow a cracker unlimited control of Linux, Mac OS X, and Unix systems. Fortunately, the bug has now been fixed.

Sudo, which system operators (sysops) use all the time, has been around for almost as long as Unix has been. People often think sudo stands for “do as superuser.”

Rest here




another reason why I never used sudo

and never used a distribution that forces sudo. it's a huge security problem to allow users to use sudo.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Someone is putting lots of work into hacking Github developers [Ed: Dan Goodin doesn't know that everything is under attack and cracking attempts just about all the time?]
    Open-source developers who use Github are in the cross-hairs of advanced malware that has steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.
  • Security Orchestration and Incident Response
    Technology continues to advance, and this is all a changing target. Eventually, computers will become intelligent enough to replace people at real-time incident response. My guess, though, is that computers are not going to get there by collecting enough data to be certain. More likely, they'll develop the ability to exhibit understanding and operate in a world of uncertainty. That's a much harder goal. Yes, today, this is all science fiction. But it's not stupid science fiction, and it might become reality during the lifetimes of our children. Until then, we need people in the loop. Orchestration is a way to achieve that.

Leftover: Development (Linux)

  • Swan: Better Linux on Windows
    If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.
  • Lint for Shell Scripters
    It used to be one of the joys of writing embedded software was never having to deploy shell scripts. But now with platforms like the Raspberry Pi becoming very common, Linux shell scripts can be a big part of a system–even the whole system, in some cases. How do you know your shell script is error-free before you deploy it? Of course, nothing can catch all errors, but you might try ShellCheck.
  • Android: Enabling mainline graphics
    Android uses the HWC API to communicate with graphics hardware. This API is not supported on the mainline Linux graphics stack, but by using drm_hwcomposer as a shim it now is. The HWC (Hardware Composer) API is used by SurfaceFlinger for compositing layers to the screen. The HWC abstracts objects such as overlays and 2D blitters and helps offload some work that would normally be done with OpenGL. SurfaceFlinger on the other hand accepts buffers from multiple sources, composites them, and sends them to the display.
  • Collabora's Devs Make Android's HWC API Work in Mainline Linux Graphics Stack
    Collabora's Mark Filion informs Softpedia today about the latest work done by various Collabora developers in collaboration with Google's ChromeOS team to enable mainline graphics on Android. The latest blog post published by Collabora's Robert Foss reveals the fact that both team managed to develop a shim called drm_hwcomposer, which should enable Android's HWC (Hardware Composer) API to communicate with the graphics hardware, including Android 7.0's version 2 HWC API.

today's howtos

Reports From and About Cloud Native Computing Foundation (CNCF)