[Iftop-users] Security Issue With iftop

Ali Jawad alijawad1 at gmail.com
Mon, 18 Jan 2010 19:35:52 +0300 

--00032557aed28fcaa9047d72f3b8
Content-Type: text/plain; charset=ISO-8859-1

Hi All
As you all know a non root user can not run iftop. So the most obvious
workaround is to use sudo. Now if you give a regular user sudo access he
will execute.

sudo iftop

Once he is inside iftop. He can execute ! he will get the following promtp

command >

At this point a user can execute su, and he will get a root shell. He can
also execute any command in privileged mode. The idea of using sudo
initially was giving the user iftop access. However the user ends up with
total root access.

Please comment.

Regards

--00032557aed28fcaa9047d72f3b8
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hi All<br>As you all know a non root user can not run ifto=
p. So the most obvious workaround is to use sudo. Now if you give a regular=
 user sudo access he will execute.<br><br>sudo iftop<br><br>Once he is insi=
de iftop. He can execute ! he will get the following promtp<br>

<br>command &gt;<br><br>At this point a user can execute su, and he will ge=
t a root shell. He can also execute any command in privileged mode. The ide=
a of using sudo initially was giving the user iftop access. However the use=
r ends up with total root access.<br>

<br>Please comment.<br><br>Regards<br></div>

--00032557aed28fcaa9047d72f3b8--