| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4D35DEF7.1010902@gmail.com> Date: Tue, 18 Jan 2011 14:41:59 -0400 From: Emanuel dos Reis Rodrigues <emanueldosreis@...il.com> To: Laurelai Storm <laurelai@...echan.org> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: I find a bug Look, this happen only in machines that have your sudo configuration with no password. Emanuel dos Reis Rodrigues Senior Level Linux Professional (LPIC-3) LPI 302 (Mixed Environment) Specialty LPI 304 (Virtualization and High Availability) Specialty C|EH Certified Ethical Hacker CompTIA Security+ Certified http://br.linkedin.com/in/emanuelreis t:@emanueldosreis emanueldosreis(No*SpAm)gmail.com Mobile: +55 95 8112-9628 Laurelai Storm wrote: > I have fedora 14, several centOS 5.5 machines and a vanilla ubuntu > 9.10 vm, all ask for the password > > > 2011/1/18 Christian Sciberras <uuf6429@...il.com > <mailto:uuf6429@...il.com>> > > Every bug is a feature. Some are less obvious than others. > > ;-) > > Oh, and for what it's worth, I get asked for the root password on > my machine (vanilla ubuntu). > > > > > > 2011/1/18 Laurelai Storm <laurelai@...echan.org > <mailto:laurelai@...echan.org>> > > It prompts for a password on my machine, perhaps you should > check your sudoers config. > > Also, its not a bug its a feature :p > > 2011/1/18 我是王子 <tradeprince@...com > <mailto:tradeprince@...com>> > > hello, > I found a bug, > run [sudo strace su] command can get root privileges > without any password. > bill > ------------------ Original ------------------ > *From: * "Steve Beattie"<sbeattie@...ntu.com > <mailto:sbeattie@...ntu.com>>; > *Date: * Thu, Jan 13, 2011 08:01 PM > *To: * > "ubuntu-security-announce"<ubuntu-security-announce@...ts.ubuntu.com > <mailto:ubuntu-security-announce@...ts.ubuntu.com>>; > *Cc: * "full-disclosure"<full-disclosure@...ts.grok.org.uk > <mailto:full-disclosure@...ts.grok.org.uk>>; > "bugtraq"<bugtraq@...urityfocus.com > <mailto:bugtraq@...urityfocus.com>>; > *Subject: * [USN-1042-2] PHP5 regression > -- > ubuntu-security-announce mailing list > ubuntu-security-announce@...ts.ubuntu.com > <mailto:ubuntu-security-announce@...ts.ubuntu.com> > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists