Sudo exploits on v1.8.6p7
by crothman from LinuxQuestions.org on (#51B4S)
Hello,
My security team told me that our version of Sudo (v1.8.6p7) has exploits and unauthorized users can override and gain access. It was recommended me to use Sudo v1.8.31 which is the latest. I uncommented out these 4 lines:
Defaults log_output
Defaults!/usr/bin/sudoreplay !log_output
Defaults!/usr/local/bin/sudoreplay !log_output
Defaults!REBOOT !log_output
Has anyone done this and does the /var/log/sudo-io directory get big?
Thank you
C
My security team told me that our version of Sudo (v1.8.6p7) has exploits and unauthorized users can override and gain access. It was recommended me to use Sudo v1.8.31 which is the latest. I uncommented out these 4 lines:
Defaults log_output
Defaults!/usr/bin/sudoreplay !log_output
Defaults!/usr/local/bin/sudoreplay !log_output
Defaults!REBOOT !log_output
Has anyone done this and does the /var/log/sudo-io directory get big?
Thank you
C