Difference between revisions of "Sudo"
Jump to navigation
Jump to search
↑ https://askubuntu.com/questions/192050/how-to-run-sudo-command-with-no-password
Line 16: | Line 16: | ||
* [[CVE]]-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8 | * [[CVE]]-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8 | ||
Exploitable if the following configuration is present: | Exploitable if the following configuration is present: | ||
− | + | :<code>username hostname = (ALL, !root) path-to-command</code> | |
== Options == | == Options == |
Revision as of 10:57, 9 February 2020
sudo
is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user.
- Add user to sudo group:
sudo usermod -aG sudo YOUR_USERNAME
Task
- Allow user YOUR_USER_NAME to run sudo commands without typing the password:
Include in /etc/sudoers
, using the visudo
command, the following line at the end of the file:
YOUR_USER_NAME ALL=(ALL) NOPASSWD:ALL
[1]
- Understand order rules are applied and impact: https://vim.fandom.com/wiki/Set_Vim_as_your_default_editor_for_Unix
- Use Ansible to modify file for passwordless sudo execution in Ubuntu
Security vulnerabilities
- CVE-2019-14287 https://nvd.nist.gov/vuln/detail/CVE-2019-14287, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287. CVSS Base Score: 8.8
Exploitable if the following configuration is present:
username hostname = (ALL, !root) path-to-command
Options
-S, --stdin
See also
sudo
,id
,visudo
,useradd
,userdel
,usermod
,groups
,passwd
,chown
,chmod
,chgrp
,groupadd
,groupdel
, Passwordless sudo, passwd (package),sudo --help
- journalctl
Advertising: