15 Oct
2019
15 Oct
'19
2:23 a.m.
On Tue, 15 Oct 2019 13:32:26 +1300, Peter Reutemann quoted:
'The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the "sudoers configuration" explicitly disallows the root access.'
Which, it should be pointed out, is a rather unusual way to use sudo. More commonly it is used to allow selected non-root users to run things as root. More details here <https://www.theregister.co.uk/2019/10/14/linux_sudo_security_bug/>.