From owner-freebsd-ports@FreeBSD.ORG Sun Jul 22 09:54:56 2007 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6A1A416A417 for ; Sun, 22 Jul 2007 09:54:56 +0000 (UTC) (envelope-from pfraser@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.182]) by mx1.freebsd.org (Postfix) with ESMTP id 2A60913C45D for ; Sun, 22 Jul 2007 09:54:56 +0000 (UTC) (envelope-from pfraser@gmail.com) Received: by py-out-1112.google.com with SMTP id a73so2854998pye for ; Sun, 22 Jul 2007 02:54:55 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=UsV8O74VRYIfIjK/h4SBckQJ4qXrtMoP6H9S039lnup08exhApdbf6piLbY3jhtW1hqfv2B1uLx2LL8UXuUps5PKHTWpWGx6Q1f4gYsBW2TD1hEK1HiGa3TtyVR0lzTPoYGm0BJCGDlTPMhCNVg8QEsmqHXRVxmkwArUEyP4gNo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=aRlC208XDv9ENl4pjnSXNLWFFL3y6SI1uxBs8dPirXWQrtqRwgUVWJPwvDxxJDe59DjX8KTlkmWXdF3Mf8+fKUdfIUzT8Y16ulDXCer5X91p2PoqHzTLj9230DGYqcSvwqtaUAR3q4JbORZXsV0lVI1W52kx8X8PtPHdq+ZWYFo= Received: by 10.65.119.14 with SMTP id w14mr2987485qbm.1185098095333; Sun, 22 Jul 2007 02:54:55 -0700 (PDT) Received: by 10.65.160.14 with HTTP; Sun, 22 Jul 2007 02:54:55 -0700 (PDT) Message-ID: Date: Sun, 22 Jul 2007 19:54:55 +1000 From: "Paul Fraser" To: tmclaugh@sdf.lonestar.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: ports@freebsd.org Subject: Re: Unusual sudo / w behaviour - 0 users? X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jul 2007 09:54:56 -0000 On 7/22/07, Paul Fraser wrote: > Hi Tom (and ports list by CC), > > After an upgrade to sudo v1.6.9 on my 6-STABLE workstation, I've > noticed some interesting behaviour with regards to interaction between > sudo and w. Sorry to respond so shortly afterwards (especially to myself!), but I've also confirmed this behaviour on a FreeBSD 6.2-RELEASE-p6 box with sudo v1.6.9. Quite an interesting little bug with potentially dangerous implications, since a user could hide from the "real" administrator if (s)he were to compromise the box and at least temporarily escalate themselves. -- Regards, Paul Fraser // Independent Technical Consultant // Ph: +61 405 341 905 // furyc0de.net This correspondence and any related attachments are confidential. Distribution, reproduction, or release (public domain or otherwise) without the author's prior written consent is STRICTLY FORBIDDEN. Failure to distribute any of the aforementioned without this footer (intact and unmodified) is also STRICTLY FORBIDDEN. Failure to abide by these terms and conditions can result in legal action. If you have received this correspondance in error, or believe any of these terms have been breached, you are requested to contact the author immediately and take steps to destroy all copies in your possession. PGP KeyID: 0x64E635B1 Keyserver: pgp.mit.edu:11371 Key fingerprint: CDA3 0797 68B9 0EC1 D4D3 A7B9 D7D7 4924 64E6 35B1