[Iftop-users] Re: Security Issue With iftop
Ali Jawad
alijawad1 at gmail.com
Mon, 18 Jan 2010 20:26:08 +0300
--0015174c19e04ad207047d73a750
Content-Type: text/plain; charset=ISO-8859-1
> Hi All
> As you all know a non root user can not run iftop. So the most obvious
> workaround is to use sudo. Now if you give a regular user sudo access he
> will execute.
>
> sudo iftop
>
> Once he is inside iftop. He can execute ! he will get the following promtp
>
> command >
>
> At this point a user can execute su, and he will get a root shell. He can
> also execute any command in privileged mode. The idea of using sudo
> initially was giving the user iftop access. However the user ends up with
> total root access.
>
> Please comment.
>
> Regards
>
--0015174c19e04ad207047d73a750
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_quote"><blockquote class=3D"gmail_=
quote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt =
0pt 0.8ex; padding-left: 1ex;"><div dir=3D"ltr">Hi All<br>As you all know a=
non root user can not run iftop. So the most obvious workaround is to use =
sudo. Now if you give a regular user sudo access he will execute.<br>
<br>sudo iftop<br><br>Once he is inside iftop. He can execute ! he will get=
the following promtp<br>
<br>command ><br><br>At this point a user can execute su, and he will ge=
t a root shell. He can also execute any command in privileged mode. The ide=
a of using sudo initially was giving the user iftop access. However the use=
r ends up with total root access.<br>
<br>Please comment.<br><br>Regards<br></div>
</blockquote></div><br></div>
--0015174c19e04ad207047d73a750--