Correct. As one of the people helping in the efforts to get an OS patched, yes, it pretty much effects everything it touches.
Its been a two sided coin too. The closed-door email about the vuln only went out a week before public disclosure. NO WAY IN FUCKING HELL ENOUGH TIME to get any distro to patch, test, and roll out to all CDNs the patch to ensure stability and accuracy, along with auditing and errata notices to go with it. Not only that, but most of the distro maintainers I'm in contact with ONLY found
I've been working on a sudo clone called please. Written in rust to avoid traditional c flaws. I suggest trying it out to get more diversity in the ecosystem. Or not, totally up to you.
Properly or not, doesn't matter. This isn't about "users", this is about chained exploits. Imagine a remote code execution vulnerability on a server, but it only runs in the context of that application's user (Apache/Nginx running as "www" for example). Those exploits can now be chained with the sudo exploit effortlessly to gain full root access to the entire system. THATS the issue we're all worried about.
Users dont need to be listed in the sudoers file to exploit this. It doesn't matter what their "access" is, the exploit takes place before any of those checks. Anonymous users (eg: "nobody" user) can exploit this to gain full root access. Any application running in the context of any user can exploit this. That's why its so dangerous.
Correct. As one of the people helping in the efforts to get an OS patched, yes, it pretty much effects everything it touches.
Its been a two sided coin too. The closed-door email about the vuln only went out a week before public disclosure. NO WAY IN FUCKING HELL ENOUGH TIME to get any distro to patch, test, and roll out to all CDNs the patch to ensure stability and accuracy, along with auditing and errata notices to go with it. Not only that, but most of the distro maintainers I'm in contact with ONLY found
I've been working on a sudo clone called please. Written in rust to avoid traditional c flaws. I suggest trying it out to get more diversity in the ecosystem. Or not, totally up to you.
https://gitlab.com/edneville/p... [gitlab.com]
Properly or not, doesn't matter. This isn't about "users", this is about chained exploits. Imagine a remote code execution vulnerability on a server, but it only runs in the context of that application's user (Apache/Nginx running as "www" for example). Those exploits can now be chained with the sudo exploit effortlessly to gain full root access to the entire system. THATS the issue we're all worried about.
Users dont need to be listed in the sudoers file to exploit this. It doesn't matter what their "access" is, the exploit takes place before any of those checks. Anonymous users (eg: "nobody" user) can exploit this to gain full root access. Any application running in the context of any user can exploit this. That's why its so dangerous.