SELinux Systems Vulnerable to sudo Vulnerability

sudo users can wreak havoc on your SELinux-protected systems.

This is the classic example of “when protectors turn predators.” SELinux is a Linux kernel security module that provides a very strict mechanism for supporting access control security policies. But there are chinks in this armor.

A newly discovered security hole in Linux makes SELinux-protected systems vulnerable to attacks. Qualys, a cloud-based security and compliance solutions company, discovered a vulnerability in sudo's get_process_ttyname() for Linux.

“On an SELinux-enabled system, if a user is Sudoer for a command that does not grant him full root privileges, he can overwrite any file on the filesystem (including root-owned files) with his command's output, because relabel_tty() (in src/selinux.c) calls open(O_RDWR|O_NONBLOCK) on his tty and dup2()s it to the command's stdin, stdout, and stderr. This allows any Sudoer user to obtain full root privileges,” according to a Qualys Security Advisory.

For those who are unfamiliar with sudo: it allows authorized users on the system to run commands with root privileges.

The vulnerability exists in sudo 1.7.10 through 1.7.10p9, inclusive, and sudo 1.8.5 through 1.8.20p1, inclusive. A fix has been released in sudo 1.8.20p2.

If you are alarmed about more vulnerabilities being found in Linux, don’t be. As Linus Torvalds rightly said, bugs are part of the software development process. What’s more important is that the open source development model offers transparency into bug discovery and bug fixing. You are not dependent on a single vendor to fix it, as is the case with proprietary technologies.

Since the fix is already out, please update and patch your servers immediately.
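To help decide which hosts need the update, the following added example (not code from Qualys or the sudo project) classifies an upstream sudo version string against the affected ranges stated above. The function names and the sample version list are constructed for illustration; run it with `--host` to check the locally installed sudo and whether SELinux is enabled.

```shell
#!/bin/sh
# Added example: classify an upstream sudo version against the ranges the
# article gives (affected 1.7.10-1.7.10p9 and 1.8.5-1.8.20p1, fixed 1.8.20p2).

# ver_key "1.8.20p1" -> 1001008020001: a leading 1, then major, minor, patch
# and pN as three digits each (a missing pN counts as 000), so versions
# compare as plain integers. Fails on strings that are not N.N.N[pN].
ver_key() {
    printf '%s\n' "$1" | awk -F'[.p]' '
        /^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/ {
            printf "1%03d%03d%03d%03d\n", $1, $2, $3, $4; ok = 1
        }
        END { exit !ok }'
}

# Exit status: 0 = in an affected range, 1 = outside, 2 = unparseable.
sudo_version_affected() {
    k=$(ver_key "$1") || return 2
    { [ "$k" -ge "$(ver_key 1.7.10)" ] && [ "$k" -le "$(ver_key 1.7.10p9)" ]; } ||
    { [ "$k" -ge "$(ver_key 1.8.5)" ] && [ "$k" -le "$(ver_key 1.8.20p1)" ]; }
}

classify() {
    rc=0; sudo_version_affected "$1" || rc=$?
    case $rc in
        0) echo "$1: affected, update to 1.8.20p2 or later" ;;
        1) echo "$1: outside the affected ranges" ;;
        *) echo "$1: unrecognized version string, check manually" ;;
    esac
}

# Check the local host: "sudo -V" prints "Sudo version X" on its first line.
check_host() {
    v=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    classify "${v:-unknown}"
    # The advisory describes the file overwrite on SELinux-enabled systems.
    if command -v selinuxenabled >/dev/null 2>&1 && selinuxenabled; then
        echo "SELinux: enabled"
    else
        echo "SELinux: disabled or not installed"
    fi
}

if [ "${1:-}" = "--host" ]; then
    check_host
else
    # Constructed sample versions, not taken from any real inventory.
    for v in 1.7.9 1.7.10p3 1.8.4p5 1.8.5 1.8.20p1 1.8.20p2 1.8.20b1; do
        classify "$v"
    done
fi
```

Distribution packages often carry backported fixes under an unchanged upstream version number, so treat an "affected" result as a prompt to check the vendor's advisory for that package rather than as proof of exposure.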

06/06/2017
