fbpx

Sudoer Exploit

We are still waiting to see package updates on the latest exploit for Linux affecting many distributions. However, this is a fairly remote scenario and does not affect any of our clients because we generally do not see web hosting servers using sudoer files in this way. Here is the link to the details:

https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html

The thing is, in the servers we surveyed most of our users do not use sudoers files much. We generally use the root user when we need to operate as root and user accounts are used for user account functions. Breaking this down, this is how this works.

Your system would need to have three users. Lets say there is Jim, Joe and root. You would need to have used the sudoers file to grant joe access to run commands as jim, but not as root. And in that case, using this exploit, joe could in fact still run commands as root.

This in reality is a pretty isolated type of config and for our clients, not anything would would have recommended to set up and we to date have never set up this type of access.

Still, its a pretty glaring omission, but the fact that its gone so long undetected is a good indication that the severity is not as bad as it sounds.

We don't mean to brag but...

These are some of our statistics:

0
Avg Response Time
0%
Server Uptime
0%
Issues Fixed
0
Trees Planted

What Our Customers
Have To Say

About three years ago we were looking for a new server provider, the problem that we were having was we are not “server guys” and we had over 400 clients to take care of. So anytime we tried to get support we had to submit a ticket, try to explain what was going on, and then pray that the response was in some form that we could understand.

After the on-boarding with Green Olive Tree, they told us that we had twice as much server than we needed and they were not set up right. Thank goodness we have found someone that really looked at what we want to do and gave us real actionable advice. It is safe to say that we have found our server company, and now we can focus on growing out business and not have to worry about the reliability of our support.

Thanks again Green Olive Tree, You Guys Rock!

John Owens

Green Olive Tree has been an invaluable resource to my company allowing me to focus more on my business instead of the management of servers. In the five years I have done business with GOT I have had zero downtime. Knowing that everything is being kept up-to-date and they are proactively patching system flaws gives me peace of mind that I didn’t have before finding Green Olive Tree. Jon has always made himself available when I’ve needed advice or help on upgrading servers or software and I can’t imagine ever going back to managing a server without GOT.

Chris Smith

Green Olive Tree has been very good to us. Jon has helped us scale from 200,000 unique’s visitors a day to over 3 million per day. From 1 server to now 14 on a well-structured load balanced failsafe system. Not only that he has managed to reduce our server resources 3 fold by installing the right kind of software so we’re getting more power out of each server for the same price. He always responds very quickly and stays up at all kinds of crazy hours to help us out, the man never sleeps! I guess that’s why he was a Navy Chief, he brings that discipline into his work and that’s what we love.

Anthony Lipari

Call us today at (800) 269-6465
We can help, contact us today.

Copyright © Green Olive Tree

/* LinkedIn Tag */