I don't agree that it is a bug. While it is certainly a confusing side-
effect of script, an "ALL" sudoers entry makes this script is no
different that simply running "sudo /bin/sh". It is configured,
expected, and allowed for such a user to gain root privileges.
** Changed in: sudo (Ubuntu)
Status: Confirmed => Invalid
--
Privilege Escalation Exploit with setenv or ALL (v. <= 1.6.9p18 )
https://bugs.launchpad.net/bugs/349075
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
