Difference between revisions of "Sudo"

From wikieduonline
Jump to navigation Jump to search
Line 16: Line 16:
 
* [[CVE]]-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8
 
* [[CVE]]-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8
 
Exploitable if the following configuration is present:
 
Exploitable if the following configuration is present:
username hostname = (ALL, !root) path-to-command
+
:<code>username hostname = (ALL, !root) path-to-command</code>
  
 
== Options ==
 
== Options ==

Revision as of 10:57, 9 February 2020

sudo is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user.

  • Add user to sudo group: sudo usermod -aG sudo YOUR_USERNAME

Task

  • Allow user YOUR_USER_NAME to run sudo commands without typing the password:

Include in /etc/sudoers, using the visudo command, the following line at the end of the file:

YOUR_USER_NAME ALL=(ALL) NOPASSWD:ALL[1]

Security vulnerabilities

Exploitable if the following configuration is present:

username hostname = (ALL, !root) path-to-command

Options

See also

  • https://askubuntu.com/questions/192050/how-to-run-sudo-command-with-no-password
  • Advertising: