Vulnerabilities in sudo closed

Several Linux distributors have released updated sudo packages to fix two vulnerabilities that allow users with limited access rights to escalate their privileges. The sudo (super user do) command is intended to allow users to execute certain commands at another user’s privilege level – usually root. The contents of the /etc/sudoers file determines whether or not a user is authorised to execute a command at a higher privilege level (by preceding the command with sudo) without further authentication. This allows administrators to give other users the rights required to handle certain management tasks without giving them overall root access.

Read more at H-online

Comments are closed.