Index ¦ Archives ¦ RSS

sudo segfault

Estimated read time: 1 minutes

Quoting a mail I just sent to Miller:

,,It seems I hit a bug in sudo-1.7.0 (at least I can't reproduce it with 1.6.9p17):

$ sudo chown vmiklos /etc/sudoers $ sudo false sudo: /etc/sudoers is owned by uid 1003, should be 0 Segmentation fault

According to gdb, it seem to be a nullpointer-dereference bug, and given that it is reproducible only in case the permission and/or owner is wrong, I don't think it has a security impact. But who knows. ;)''

We'll see how does he handle the problem.

© Miklos Vajna. Built using Pelican. Theme by Giulio Fidente on github.