Aggregatet
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
schnurrito@discuss.tchncs.de to Linux@lemmy.worldEnglish · 11 hours ago

Bugs Found in sudo

www.linux-magazine.com

external-link
message-square
10
fedilink
  • cross-posted to:
  • linux@programming.dev
45
external-link

Bugs Found in sudo

www.linux-magazine.com

schnurrito@discuss.tchncs.de to Linux@lemmy.worldEnglish · 11 hours ago
message-square
10
fedilink
  • cross-posted to:
  • linux@programming.dev
Bugs Found in sudo » Linux Magazine
www.linux-magazine.com
external-link
Two critical flaws allow users to gain access to root privileges.
alert-triangle
You must log in or register to comment.
  • SayCyberOnceMore@feddit.uk
    link
    fedilink
    English
    arrow-up
    9
    ·
    9 hours ago

    As far as mitigation is concerned, the only thing you need to do is to confirm that your system’s sudo version is at least version 1.9.17p1 or later, which can be done with the command sudo -V. If your version is older than 1.9.17p1, update immediately.

    • Alphane Moon@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      4 hours ago

      This wouldn’t apply to Debian derived distros (e.g. DietPi). I am assuming the fix will backported to the version of sudo shipping with bookworm.

      • SayCyberOnceMore@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        3 hours ago

        Why wouldn’t this apply?

        One day in the future the later version of sudo would become available…?

        • Alphane Moon@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          3 hours ago

          I am assuming the fix for the second vulnerability will be backported to the older version in bookworn; 13p1 if I remember correctly.

          I’ve seen theme backport security to older releases of much less important software.

  • lurch (he/him)@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    9
    ·
    10 hours ago

    Already patched and available via updates.

  • Dr. Wesker@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    11 hours ago

    doas

    • HouseWolf@pawb.social
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 hours ago

      I keep seeing people promote doas, but is it really any more secure than sudo? besides just having less eyes on it?

      • Victor@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        38 minutes ago

        Subscribing to this question.

    • Lorem Ipsum dolor sit amet@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      edit-2
      8 hours ago

      sudo-rs

      • Victor@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        38 minutes ago

        Is it better than doas?

  • NoSpotOfGround@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    11 hours ago

    deleted by creator

Linux@lemmy.world

linux@lemmy.world

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@lemmy.world

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you’re a seasoned Linux enthusiast or just starting your journey, we’re excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let’s dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 109 users / day
  • 466 users / week
  • 2.13K users / month
  • 5.54K users / 6 months
  • 2 local subscribers
  • 11.8K subscribers
  • 798 Posts
  • 6.31K Comments
  • Modlog
  • mods:
  • MigratingtoLemmy@lemmy.world
  • BE: 0.19.8
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org