JP Vossen via plug on 15 Mar 2021 11:42:59 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] kernel bug - gain root priv


Only if they have the iSCSI module loaded, or you can load it.

But on the `sudo` front, upstream Sudo finally made a change that I can't believe took so incredibly long:
----
https://www.sudo.ws/stable.html
...
The current stable release of the sudo 1.9 branch is version 1.9.6p1.
...
Major changes between version 1.9.3 and 1.9.2:
...
Sudo no longer refuses to run if a syntax error in the sudoers file is encountered. The entry with the syntax error will be discarded and sudo will continue to parse the file. This makes recovery from a syntax error less painful on systems where sudo is the primary method of superuser access. ...
...
----

There are a number of other related changes scattered about that URL, like better syntax errors including file, line and column, and so on.

Of course, there's no telling when any of that changes will percolate down into the LTS packaged distros...


On 3/15/21 1:51 PM, Thomas Delrue via plug wrote:
<joke>
I guess I just regained access to some machines on which I fubar'ed the sudoers file
</joke>

On 3/15/21 13:27, jeffv via plug wrote:
15-year-old Linux kernel bugs let attackers gain root privileges

https://www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/
Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug