Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Sudo Allows Root Command Access Without Password

  1. #1
    Join Date
    Apr 2008
    Beans
    26
    Distro
    Ubuntu 6.06 Dapper

    Sudo Allows Root Command Access Without Password

    Today, I noticed that the sudo command was granting me root command access without requesting password verification. Originally I assumed it was just an unexpired timestamp issue, but I found that this continued long past the expected (default?) 15 minute time frame. I also tried "killing" the sudo session timestamp with both the -k and -K options, and I was still granted root access without password verification. As you may expect, this has me somewhat concerned. As best as I can ascertain, none the other regular users of the system have been granted root privileges, and I have no new, unauthorized, users that have suspiciously "appeared" on the system. Further, I've not noticed any other strange or unexpected activity on the system. Regular users when using the sudo command are challenged with a password prompt, are not allowed root command access, and the activity is reported to me via email as would be expected.

    My question is two fold. First, how do I return sudo to the behavior of requiring password authorization to grant privileges, and second, what actions should I take to prevent this from occurring again?

    Any help will be greatly appreciated.

    Thanks in advance!

    Best wishes,

    Traumadog.

  2. #2
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Sudo Allows Root Command Access Without Password

    What are the contents of /etc/sudoers?
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  3. #3
    Join Date
    Apr 2008
    Beans
    26
    Distro
    Ubuntu 6.06 Dapper

    Re: Sudo Allows Root Command Access Without Password

    The contents of my /etc/sudoers are as follows:

    Code:
    # /etc/sudoers
    #
    # This file MUST be edited with the 'visudo'command as root.
    #
    # See the man page for details on how to write a sudoers file.
    # Host alias specification
    
    # User alias specification
    
    # Cmnd alias specification
    
    # Defaults
    
    Defaults       !lecture,tty_tickets,!fqdn
    
    # User privilege specification
    root   ALL=(ALL) ALL
    
    #Members of the admin group may gain root privileges
    
    %admin   ALL=(ALL) ALL
    ( The above was transcribed by me from the actual file. I have not tried to alter the file on my system in any way from it's original settings. )

    Thanks in advance for helping me with this!

  4. #4
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Sudo Allows Root Command Access Without Password

    That sudoers file looks correct, so what you are experiencing doesn't make much sense. Post the output for these commands
    Code:
    alias
    sudo -l
    whoami
    sudo -K
    sudo whoami
    For the last command, are you still not being prompted for a password?

  5. #5
    Join Date
    Apr 2008
    Beans
    26
    Distro
    Ubuntu 6.06 Dapper

    Re: Sudo Allows Root Command Access Without Password

    Quote Originally Posted by cdenley View Post
    That sudoers file looks correct, so what you are experiencing doesn't make much sense. Post the output for these commands
    Code:
    alias
    sudo -l
    whoami
    sudo -K
    sudo whoami
    For the last command, are you still not being prompted for a password?
    Ok, here is the output from the above requested commands:

    Code:
    alias
    alias ls='ls --color=auto'
    
    sudo -l
    user <my username> may run the following commands on this host:
    (ALL) ALL
    
    whoami
    <returns my username>
    
    sudo -K
    <returned a standard system prompt.  No other response.>
    
    sudo whoami
    root
    <There was no password prompt.>
    Let me know what you think.

    Thanks for your help!

  6. #6
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Sudo Allows Root Command Access Without Password

    While I haven't experienced anything like this myself, I have to wonder if this is related to the recent update of sudo. Please post the output of the following:
    Code:
    apt-cache policy sudo
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  7. #7
    Join Date
    Apr 2008
    Beans
    26
    Distro
    Ubuntu 6.06 Dapper

    Re: Sudo Allows Root Command Access Without Password

    Quote Originally Posted by p_quarles View Post
    While I haven't experienced anything like this myself, I have to wonder if this is related to the recent update of sudo. Please post the output of the following:
    Code:
    apt-cache policy sudo
    Ok, here's the output from the above request:

    Code:
    apt-cache policy sudo
    Sudo:
      Installed:  1.6.8p12-1ubuntu6
      Candidate:  1.6.8p12-1ubuntu6
      Version table:
     xxx 1.6.8p12-ubuntu6 0
           500 cdrom://Ubuntu-Server 6.06.1_Dapper Drake_ - Release i386 (20060807.1)dapper/main Packages
           500 http://archive.ubuntu.com dapper/main Packages
           100 /var/lib/dpkg/status
    Thanks for your help!

  8. #8
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Sudo Allows Root Command Access Without Password

    Hmm. I didn't realize you were using Ubuntu 6.06. How long has this system been installed? I assume from your first message that it was behaving correctly until just recently?
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  9. #9
    Join Date
    Apr 2008
    Beans
    26
    Distro
    Ubuntu 6.06 Dapper

    Re: Sudo Allows Root Command Access Without Password

    Quote Originally Posted by p_quarles View Post
    Hmm. I didn't realize you were using Ubuntu 6.06. How long has this system been installed? I assume from your first message that it was behaving correctly until just recently?
    You're correct. This started yesterday evening (05 May 2008 ).

    I have been running the system since late December 2006.

  10. #10
    Join Date
    Oct 2006
    Location
    SLC, UofU
    Beans
    684
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Sudo Allows Root Command Access Without Password

    Take a look at /var/log/auth.log

    When was the last time (according to logs) that you sudo'd?
    If you feel comfortable doing so, post the last few dozen relevant lines.
    --Superb--

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •