Sudoer Exploit

We are still waiting to see package updates on the latest exploit for Linux affecting many distributions. However, this is a fairly remote scenario and does not affect any of our clients because we generally do not see web hosting servers using sudoer files in this way. Here is the link to the details:

https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html

The thing is, in the servers we surveyed most of our users do not use sudoers files much. We generally use the root user when we need to operate as root and user accounts are used for user account functions. Breaking this down, this is how this works.

Your system would need to have three users. Lets say there is Jim, Joe and root. You would need to have used the sudoers file to grant joe access to run commands as jim, but not as root. And in that case, using this exploit, joe could in fact still run commands as root.

This in reality is a pretty isolated type of config and for our clients, not anything would would have recommended to set up and we to date have never set up this type of access.

Still, its a pretty glaring omission, but the fact that its gone so long undetected is a good indication that the severity is not as bad as it sounds.