Category:   Application (Security)  >   Sudo
Vendors:
sudo '-u' sudoedit Error Discloses Restricted Files to Local Users
SecurityTracker Alert ID:  1011342
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Sep 17 2004
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes    Vendor Confirmed:  Yes    Exploit Included:  Yes
Version(s): 1.6.8 only
Description:   A vulnerability was reported in sudo. A local user can view files with elevated privileges.

The vendor reported that a flaw in the '-u' sudoedit option in version 1.6.8 may allow a user to view files with elevated privileges.

It is reported that a local user can invoke sudoedit and replace the temporary file (the copy handed to the editor) with a link to a target file that the user does not have privileges to access. When the local user quits the editor, sudoedit copies the temporary file back with elevated privileges, so the edited file ends up containing a copy of the linked file.

Reznic Valery is credited with reporting this flaw.

Impact:   A local user with sudoedit privileges may be able to view files with elevated privileges.
Solution:   The vendor has released a fixed version (1.6.8p1), available at:

Vendor URL:
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any)
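As an added illustration, not sudo's own code, of the fix the vendor announcement below describes (re-opening the temp file as the invoking user and accepting only regular files), here is a C function that performs that check, together with a constructed fixture showing a symlink and a directory being rejected while a plain file is accepted. The function name, its uid/gid parameters and the fixture paths are assumptions made for this example.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Re-open the sudoedit temp file the way the 1.6.8p1 fix describes: as the
 * invoking user (when running as root) and only if it is a regular file.
 * Returns a read-only fd, or -1 with errno set. */
int reopen_temp_as_user(const char *path, uid_t user_uid, gid_t user_gid)
{
    int fd, err, as_root = (geteuid() == 0);
    gid_t saved_gid = getegid();
    struct stat sb;
    /* Open as the invoking user so the kernel, not sudo, decides what that
     * user may read; an unprivileged caller simply opens as itself. */
    if (as_root && (setegid(user_gid) == -1 || seteuid(user_uid) == -1))
        return -1;
    /* O_NOFOLLOW rejects a symlink (the swap the advisory describes) instead
     * of following it; O_NONBLOCK keeps a FIFO from hanging the open. */
    fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    err = errno;
    if (as_root) { seteuid(0); setegid(saved_gid); }  /* regain root first */
    if (fd == -1) { errno = err; return -1; }
    /* O_NOFOLLOW still opens directories and device nodes: require a
     * regular file before any byte is copied back to the target. */
    err = (fstat(fd, &sb) == -1) ? errno : (S_ISREG(sb.st_mode) ? 0 : EINVAL);
    if (err == 0) return fd;
    close(fd); errno = err;
    return -1;
}
/* Constructed fixture (runs unprivileged): a regular file, a symlink to it
 * and a directory. Returns 1 when only the regular file is accepted. */
int demo_only_regular_file_accepted(void)
{
    char dir[] = "/tmp/sudoedit-demo-XXXXXX", reg[64], lnk[64];
    int fd, ok;
    if (mkdtemp(dir) == NULL) return 0;
    snprintf(reg, sizeof reg, "%s/temp.txt", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    fd = open(reg, O_WRONLY | O_CREAT, 0600);
    if (fd == -1 || symlink(reg, lnk) == -1) return 0;
    close(fd);
    ok = (fd = reopen_temp_as_user(reg, getuid(), getgid())) != -1 &&
         reopen_temp_as_user(lnk, getuid(), getgid()) == -1 &&
         reopen_temp_as_user(dir, getuid(), getgid()) == -1;
    if (fd != -1) close(fd);
    unlink(lnk); unlink(reg); rmdir(dir);
    return ok;
}
```

Run as an ordinary user the privilege switch is skipped, so the fixture exercises only the O_NOFOLLOW and regular-file checks; as root it also drops to the given uid/gid for the open.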

Message History:   None.

 Source Message Contents

Subject:  [sudo-announce] Sudo version 1.6.8p1 now available (fwd)

---------- Forwarded message ----------
Date: Thu, 16 Sep 2004 13:13:05 -0600
From: Todd C. Miller <>
Subject: [sudo-announce] Sudo version 1.6.8p1 now available

Sudo version 1.6.8, patchlevel 1 is now available.  It includes a
fix for a security flaw in sudoedit that could give a malicious
user read access to a file that would normally be unreadable.  See for more details.

Major changes since Sudo 1.6.8:

 o Sudoedit now re-opens the temp file as the invoking user
   and will only open regular files.

 o Better detection of unchanged files in sudoedit.

 o The path to ldap.conf is now configurable.

 o Added SSL tls_* certificate checking options when using LDAP.

 o The sample pam config file has been updated.

Commercial support is now available for Sudo.  If your organization
uses Sudo please consider purchasing a support contract to help
fund additional Sudo development at
Custom enhancements to Sudo may also be contracted for.

You can also help out by "purchasing" a copy of Sudo or making a
donation at

Sudo is still free software and I intend for it to remain so but
as I currently lack regular employment I am asking for help from
the Sudo community.  Your support will enable me to continue to
improve Sudo and complete projects such as a proper user's manual
and a major rewrite of large portions of Sudo.

You may recall news of a patent recently awarded to Microsoft that
some people have said covers Sudo.  After reading through the patent
and conferring with several people I don't believe it covers Sudo
as it exists now since the patent appears to cover a persistent
daemon process.  However, the patent does seem overly broad and
could restrict future Sudo development so I am collecting prior
art in the hopes of having the patent re-evaluated.  If you have
examples of prior art, please contact me with details.


Copyright 2020, LLC