@Adna: "Then you would have read what I wrote about exploiting alias and why this is many times harder and about 'other tricks'".
We talked about exploiting the alias thru ~/.bashrc. This is not many times harder. This is, in fact, an easy (although sort of convoluted) attack vector. Attacks like this one require that someone or something had physical/logical (e.g., walking in and finding an unsecured session, or by an installed malicious program, or via the Web) access to the user account. If none above applies, then there is no attack. "please stop talking about userlvl trojans or keylogger because as I pointed very clearly out int the forum it's not possible..." Sorry. It is possible. Your example of a fakesudo is a perfectly valid example of a keylogger. keylogger: program/hardware that intercepts keystrokes, either all or a subset. fakesudo: a program that intercepts keystrokes and eventually passes them to the real sudo. So fakesudo *is* a keylogger. "...to steal root-pwd with them" Huh. A comment here: if your sudo implementation requires an user to type in the root password to gain access to root... this is bad security. Really. A decent sudo implementation will require the *user* password, and will limit access to some subset of commands. "And just because other distros have the same bug, doesn't mean it is good, does it?" No, it certainly does not. The problem we seem to be having is on accepting (or not) what you proposed as a bug. It is *NOT* a bug. It is the result of some bad choices by the user (and the sysadmins, probably). "And also this stupid example with physical access...I'm really sick that I even mentioned it but never thought people would understand it so mindless...." s/physical/physical l |network/g Otherwise, how will this be exploited? "...the rest of the rant..." This is a rant. As such, it deserves no response (although I am aware this sentence *is* a response). -- getting the root password through .bashrc and a fakesudo https://bugs.launchpad.net/bugs/127116 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
