Multiple Security Issues in Rust-sudo-rs (opens in new tab)

(bugs.launchpad.net)

45 pointseyberg4mo ago11 comments

11 comments

> A partially typed password would be output to standard input if a timeout occurred when Defaults pwfeedback was not enabled (GHSA-q428-6v73-fc4q).

> Timestamp files did not take into account the setting of the Defaults targetpw and Defaults rootpw (GHSA-c978-wq47-pvvw)

JoshTriplett4mo ago

"moderate" makes sense here; those are issues that needed fixing, but they wouldn't give someone privileged access they shouldn't have, and they occur in non-default configurations.

porridgeraisin4mo ago

> access they shouldn't have

It does, quotes from https://github.com/trifectatechfoundation/sudo-rs/security/a... below:

> A highly-privileged user (able to run commands as other users, or as root, through sudo) who knows one password of an account they are allowed to run commands as, would be able to run commands as any other account the policy permits them to run commands for, even if they don't know the password for those accounts.

> A common instance of this would be that a user can still use their own password to run commands as root (the default behaviour of sudo), effectively negating the intended behaviour of the targetpw or rootpw options.

2 more replies

zamalek4mo ago

Not sure what's news-worthy here? Safe Rust eliminates certain classes of bugs, not all bugs. The editorializing of the title seems like strawmanning.

alextingle4mo ago

The drive to rewrite existing, tried and tested code in the new trendy language is crazy. Hopefully problems like this will be a bit of a reality check for those cheerleading it.

drogus4mo ago

What kind of reality check would it be when the original sudo got two even more serious security issues this year, even though it's "tried and tested"?

shakna4mo ago

A bug in Ubuntu's standard sudo executable is newsworthy.

Updates are probably required for a large number of servers.

creatonez4mo ago

> Updates are probably required for a large number of servers.

This never affected any servers, because non-LTS ubuntu versions are never used in productions. They are essentially treated as betas.

drogus4mo ago

There were two very serious issues in original sudo this year. I can't find much info about them on HN.

j / k navigate · click thread line to collapse

11 comments

j00574mo ago

> A partially typed password would be output to standard input if a timeout occurred when Defaults pwfeedback was not enabled (GHSA-q428-6v73-fc4q).

> Timestamp files did not take into account the setting of the Defaults targetpw and Defaults rootpw (GHSA-c978-wq47-pvvw)

JoshTriplett4mo ago

"moderate" makes sense here; those are issues that needed fixing, but they wouldn't give someone privileged access they shouldn't have, and they occur in non-default configurations.

porridgeraisin4mo ago

> access they shouldn't have

It does, quotes from https://github.com/trifectatechfoundation/sudo-rs/security/a... below:

2 more replies

zamalek4mo ago

Not sure what's news-worthy here? Safe Rust eliminates certain classes of bugs, not all bugs. The editorializing of the title seems like strawmanning.

alextingle4mo ago

The drive to rewrite existing, tried and tested code in the new trendy language is crazy. Hopefully problems like this will be a bit of a reality check for those cheerleading it.

drogus4mo ago

What kind of reality check would it be when the original sudo got two even more serious security issues this year, even though it's "tried and tested"?

shakna4mo ago

A bug in Ubuntu's standard sudo executable is newsworthy.

Updates are probably required for a large number of servers.

creatonez4mo ago

> Updates are probably required for a large number of servers.

This never affected any servers, because non-LTS ubuntu versions are never used in productions. They are essentially treated as betas.

drogus4mo ago

There were two very serious issues in original sudo this year. I can't find much info about them on HN.

j / k navigate · click thread line to collapse