Control: forwarded -1 http://bugzilla.sudo.ws/show_bug.cgi?id=707

On Thu, 05 Nov 2015, Laurent Bigonville wrote:
> Apparently a security issue has been disclosed (CVE-2015-5602) allowing users
> to open files with sudoedit that they are not supposed to, using symlinks,
> see: https://www.exploit-db.com/exploits/37710/
> 
> Upstream has released a new fixed version that no longer follows the symlinks
> by default.
> 
> But according to this comment[0], this is not fixing the issue
> completely.

It's really a combination of a specific sudoers configuration
(allowing the editing via root of files possibly under the user's
control) and a lack of checks for this specific case in sudoedit.

I doubt that many systems have such a setup but sudo is not really
helping the administrator to notice their mistake. And depending
on what files the configuration allows to edit, even the patched
1.8.15 does not help...

I left a comment on the upstream ticket:
http://bugzilla.sudo.ws/show_bug.cgi?id=707

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
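The message above points at the real weakness: a sudoers rule that lets root sudoedit a path the invoking user controls (a wildcard the user can satisfy, or a file under a directory the user can write to and so replace with a symlink). The following audit script is an added example by the editor, not part of this thread and not sudo's own code; it flags such sudoedit rules so an administrator notices them. The sudoers lines and the filesystem picture used by the stub checker are constructed for the demo; the simplified parser ignores aliases, #include directives and group-write access.

```python
"""Audit sudoers 'sudoedit' rules for targets the invoking user may control.

Added example (not sudo's code).  CVE-2015-5602 needed two things together:
a sudoers rule letting a user sudoedit a file whose path (or a parent
directory of it) the user controls, and a sudoedit that follows symlinks.
sudo 1.8.15 stopped following symlinks by default; this script flags the
configuration half, which the patch alone does not fix.
"""
import os
import pwd
import re
import stat
from typing import Callable, Iterator, List, NamedTuple, Tuple

# user host = (runas) [TAG:] cmd, cmd ...   (simplified: no aliases, no #include)
RULE_RE = re.compile(
    r"^\s*(?P<user>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*(?P<cmds>.+)$"
)
# Command tags; FOLLOW/NOFOLLOW are the ones sudo 1.8.15 added for this issue.
TAG_RE = re.compile(
    r"^(?:NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV|LOG_INPUT|NOLOG_INPUT"
    r"|LOG_OUTPUT|NOLOG_OUTPUT|FOLLOW|NOFOLLOW|MAIL|NOMAIL):"
)
GLOB_CHARS = set("*?[")


class Finding(NamedTuple):
    user: str
    target: str
    reasons: Tuple[str, ...]


def iter_sudoedit_rules(text: str) -> Iterator[Tuple[str, str]]:
    """Yield (user, target) for every file named in a sudoedit rule."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment
        if not line or line.startswith("Defaults"):
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        for cmd in m.group("cmds").split(","):
            cmd = cmd.strip()
            while True:  # strip leading tags such as "NOPASSWD:"
                t = TAG_RE.match(cmd)
                if not t:
                    break
                cmd = cmd[t.end():].strip()
            parts = cmd.split()
            if parts and os.path.basename(parts[0]) == "sudoedit":
                for target in parts[1:]:
                    yield m.group("user"), target


def ancestors(path: str) -> Iterator[str]:
    """Yield the parent directories of path, nearest first, up to '/'."""
    d = os.path.dirname(path)
    while True:
        yield d
        parent = os.path.dirname(d)
        if parent == d:
            return
        d = parent


def fs_writable_by(user: str, path: str) -> bool:
    """Live-filesystem check: the user owns the entry or it is world-writable.
    Group write access is deliberately not modelled in this example."""
    try:
        st = os.lstat(path)
        uid = pwd.getpwnam(user).pw_uid
    except (FileNotFoundError, KeyError):  # missing path or non-user spec (%group, alias)
        return False
    return st.st_uid == uid or bool(st.st_mode & stat.S_IWOTH)


def audit_sudoedit(text: str,
                   writable_by: Callable[[str, str], bool] = fs_writable_by) -> List[Finding]:
    """Return one Finding per sudoedit target the granted user can steer."""
    findings: List[Finding] = []
    for user, target in iter_sudoedit_rules(text):
        reasons = []
        if GLOB_CHARS & set(target):
            reasons.append("wildcard: the user chooses which matching path root opens")
        for d in ancestors(target):
            if writable_by(user, d):
                reasons.append(f"parent {d} is writable by {user}: file can be swapped for a symlink")
                break
        if reasons:
            findings.append(Finding(user, target, tuple(reasons)))
    return findings


# Constructed sample sudoers, not taken from any real system.
SAMPLE_SUDOERS = """\
Defaults env_reset
alice ALL = (root) NOPASSWD: sudoedit /etc/hosts
bob   ALL = (root) sudoedit /home/bob/www/*.conf
carol ALL = (root) sudoedit /var/www/app/config.php, /usr/bin/systemctl restart app
"""


def stub_writable(user: str, path: str) -> bool:
    """Constructed filesystem picture for the demo: users own their home trees,
    and /var/www/app was chown'ed to carol (a common hand-over mistake)."""
    return path.startswith(f"/home/{user}") or (user == "carol" and path.startswith("/var/www/app"))


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # audit a real file against the live filesystem
        with open(sys.argv[1]) as fh:
            results = audit_sudoedit(fh.read())
    else:
        results = audit_sudoedit(SAMPLE_SUDOERS, stub_writable)
    for f in results:
        print(f"{f.user}: sudoedit {f.target}\n  - " + "\n  - ".join(f.reasons))
```

Run without arguments it audits the constructed sample with the stub checker and reports bob (wildcard plus a user-owned parent directory) and carol (parent directory owned by the user) while leaving alice's /etc/hosts rule alone; given a path, it reads that sudoers file and checks ownership on the live filesystem as root.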
