LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-18-2010, 11:36 AM   #1
ALInux
Member
 
Registered: Nov 2003
Location: Lebanon
Distribution: RHEL 5/CentOS 5/Debian Lenny/(K)Ubuntu Is Dead/Mandriva 10.1
Posts: 668
Blog Entries: 7

Rep: Reputation: 31
iftop security issue ?


Hi All
As you all know a non root user can not run iftop. So the most obvious workaround is to use sudo. Now if you give a regular user sudo access he will execute.

sudo iftop

Once he is inside iftop. He can execute ! he will get the following promtp

command >

At this point a user can execute su, and he will get a root shell. He can also execute any command in privileged mode. The idea of using sudo initially was giving the user iftop access. However the user ends up with total root access.

Please comment.

Regards
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 01-18-2010, 05:33 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,781
Blog Entries: 54

Rep: Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978
'man noexec' (if available), 'man sudo': "There is no easy way to prevent a user from gaining a root shell if that user is allowed to run arbitrary commands via sudo. Also, many programs (such as editors) allow the user to run commands via shell escapes, thus avoiding sudo’s checks. However, on most systems it is possible to prevent shell escapes with sudo’s noexec functionality.", 'man sudoers'?
 
2 members found this post helpful.
Old 01-18-2010, 05:53 PM   #3
ALInux
Member
 
Registered: Nov 2003
Location: Lebanon
Distribution: RHEL 5/CentOS 5/Debian Lenny/(K)Ubuntu Is Dead/Mandriva 10.1
Posts: 668
Blog Entries: 7

Original Poster
Rep: Reputation: 31
unSpawn you save the day. Thanks for that hint, just what I needed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
possible to run iftop as non-root? drokmed Linux - Software 3 01-18-2010 11:25 AM
allow iftop without shell console mad_penguin Linux - Security 2 03-20-2009 04:55 AM
Problems installing iftop jim.thornton Linux - Software 0 01-13-2008 06:44 PM
webmin issue, poss security issue bejiita Slackware 3 11-03-2004 07:07 AM
iftop will not load mahjong Linux - Software 0 10-16-2003 10:27 AM


All times are GMT -5. The time now is 05:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration