…and you’re root
A recent vulnerability in OS X, Linux, BSD, and many other systems allows some users to become root without a password. Luckily there are some ways you can protect yourself.
The process:
Run sudo -k, change the time to 01-01-1970, run sudo su, and you’re root. It’s so simple it can fit in a tweet.
Two caveats:
- The user running sudo must have sudoer privileges
- You must be able to change the time without root-level privileges
The problem:
Changing the date used to be a root-only privilege; however, both OS X (unlocked System Preferences) and Linux/BSD (common in desktop environments, e.g. via polkit) now let unprivileged users change it.
With OS X and most Linux/BSD distributions, the initial user created automatically gets sudoer privileges, since they are the user installing the system. Someone could get root access to your machine if you leave your computer unlocked and walk away, or if you allow password-less logins to your machine.
The fix:
Keep your system up-to-date. If your computer has auto-updating for security packages, enable it. Keep your computer locked when you walk away. If you are on OS X, lock your System Preferences by clicking the lock-icon in the bottom left of any of the Preferences windows.
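Why the date change in the process above works, and what the update changes, shown as a simplified model added here (it is not sudo's source code): sudo -k invalidates the cached ticket by resetting its time to the epoch, and the patched check refuses any ticket stamped with the epoch. The function names, the sample timestamps and the 5-minute ticket lifetime are assumptions made for the illustration.

```python
# Simplified model of the ticket check, written for illustration; not sudo's source.
EPOCH = 0            # 1970-01-01 00:00:00 UTC as a Unix timestamp
TIMEOUT = 5 * 60     # assumed ticket lifetime in seconds


def sudo_k():
    """Model `sudo -k`: invalidate the ticket by resetting its time to the epoch."""
    return EPOCH


def ticket_valid_vulnerable(ticket_time, now, timeout=TIMEOUT):
    """Pre-fix logic: a ticket is valid if it is younger than the timeout."""
    return 0 <= now - ticket_time < timeout


def ticket_valid_fixed(ticket_time, now, timeout=TIMEOUT):
    """Post-fix logic: a ticket stamped with the epoch is never valid."""
    if ticket_time == EPOCH:
        return False
    return 0 <= now - ticket_time < timeout


def run_scenarios():
    """Return {scenario: (vulnerable_result, fixed_result)} for constructed inputs."""
    auth_time = 1362000000  # constructed: user typed their password at this time
    cases = {
        "fresh ticket, 60 s later": (auth_time, auth_time + 60),
        "expired ticket, 10 min later": (auth_time, auth_time + 600),
        "after sudo -k, real clock": (sudo_k(), auth_time + 60),
        "after sudo -k, clock set to 1970-01-01": (sudo_k(), EPOCH + 30),
    }
    return {
        name: (ticket_valid_vulnerable(t, now), ticket_valid_fixed(t, now))
        for name, (t, now) in cases.items()
    }


if __name__ == "__main__":
    for name, (vuln, fixed) in run_scenarios().items():
        print(f"{name:42} vulnerable={vuln!s:5} fixed={fixed}")
```

Only the last scenario differs between the two checks, which is why locking the clock settings and installing the update each close the hole independently.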
The vulnerability is detailed at these security alert websites:
- http://www.openwall.com/lists/oss-security/2013/02/27/22
- http://www.ubuntu.com/usn/usn-1754-1/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775
- http://www.sudo.ws/sudo/alerts/epoch_ticket.html
Thanx for the heads-up! I really appreciate these security alerts for Linux.