On Tue, 28 Apr 2015 07:19:34 +0200, someone wrote:
You are perfectly correct, it was ed, not vi and sudoedit could be the
solution, thanks.
I will try to search the internet how to do the LD_PRELOAD trick with ed.
You cannot as LD_PRELOAD only works with dynamic executables and
ed is static.
On 2015-04-27, whynot sudo whynots...@safe-mail.net wrote:
Cmnd_Alias FOO = /bin/ed, /usr/bin/ed, /usr/bin/vi
foouser LOCALHOST = NOPASSWD: NOEXEC: FOO
Can the foouser escape to root prompt?
Let's try!
$ sudo ed
!sh
# id
uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty),
Yeah, that LD_PRELOAD trick NOEXEC uses doesn't work so well with
static executables.
Thank you, so there is a way tricking noexec with vi to get a root shell.
But how exactly? Why isn't it fixed? :O
Oh something is broken?
Please show your work.
Yeah, that LD_PRELOAD trick NOEXEC uses doesn't work so well with
static executables.
Thank you, so there is a way tricking noexec with vi to get a root shell.
But how exactly? Why isn't it fixed? :O
On Mon, Apr 27, 2015 at 9:49 PM, Christian Weisgerber na...@mips.inka.de
wrote:
On 2015-04-27,
On Mon, Apr 27, 2015 at 9:43 PM, someone thisistheone8...@gmail.com wrote:
Yeah, that LD_PRELOAD trick NOEXEC uses doesn't work so well with
static executables.
Thank you, so there is a way tricking noexec with vi to get a root shell.
No, that's not what naddy demonstrated. He showed that
In the bad thing category, you could break your sudo config.
What do you mean by that?
Original Message
From: ludovic coues cou...@gmail.com
To: whynot sudo whynots...@safe-mail.net
Subject: Re: What bad things could happen if we don't use sudoedit?
Date: Mon, 27 Apr 2015 18
On Tue, 28 Apr 2015, at 04:46 AM, whynot sudo wrote:
Hello list,
We know it's safer* to use sudoedit, but what bad things can happen if we
have the following in sudoers?
Cmnd_Alias FOO = /bin/ed, /usr/bin/ed, /usr/bin/vi
foouser LOCALHOST = NOPASSWD: NOEXEC: FOO
Can the foouser escape
On 28/04/15 05:28 +1200, Carlin Bingham wrote:
On Tue, 28 Apr 2015, at 04:46 AM, whynot sudo wrote:
Hello list,
We know it's safer* to use sudoedit, but what bad things can happen if we
have the following in sudoers?
Cmnd_Alias FOO = /bin/ed, /usr/bin/ed, /usr/bin/vi
foouser LOCALHOST =
On Mon, Apr 27, 2015 at 1:44 PM, Richo Healey ri...@psych0tik.net wrote:
On 28/04/15 05:28 +1200, Carlin Bingham wrote:
On Tue, 28 Apr 2015, at 04:46 AM, whynot sudo wrote:
Hello list,
We know it's safer* to use sudoedit, but what bad things can happen if we
have the following in sudoers?
You are perfectly correct, it was ed, not vi and sudoedit could be the
solution, thanks.
I will try to search the internet how to do the LD_PRELOAD trick with ed.
Thanks :)
On Tue, Apr 28, 2015 at 7:09 AM, Philip Guenther guent...@gmail.com wrote:
On Mon, Apr 27, 2015 at 9:43 PM, someone
10 matches
Mail list logo