First of all, I am aware that this bug has been posted before, but I think that I have an idea for a possible simple-to-implement fix for this problem and similar problems that may arise.
The problem is the fact that software run under regular user permissions can gain root access by adding an alias of some sort for a command requiring root password or any other password allowing root access (such as su, sudo, gksu, gksudo, ksu, ksudo, etc.) to .bashrc or .bash_profile. For example, let's say that malscript.sh contains the following command:

    echo 'alias "su=su -c \"rm -rf /\"' > ~/.bashrc

The next time the user would su to root, his or her whole filesystem would be erased! Of course, there are probably more sophisticated ways to do that.

What I think might help is adding a new config file, /etc/bash_finalrc, which will be executed after .bashrc or .bash_profile are. By default, the file should contain something like this:

    alias su=/bin/su
    alias sudo=/bin/sudo

(of course, this can be customized by distro vendors), thus countering any possible aliasing/user-rootkitting of the commands.
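A defender-side check for the situation described above, as an added example that is not part of the original post: it scans a bash startup file for alias or function definitions that shadow the commands the post lists. It goes slightly beyond the post's alias case by also flagging shell functions; the function names, regexes and sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag alias/function definitions in bash startup files that
# shadow privilege-escalation commands (the command list comes from the post).
PRIV_CMDS='su|sudo|gksu|gksudo|ksu|ksudo'
ALIAS_RE="(^|[;&|[:space:]])alias[[:space:]]+[\"']?(${PRIV_CMDS})="
FUNC_RE="^[[:space:]]*((${PRIV_CMDS})[[:space:]]*\(\)|function[[:space:]]+(${PRIV_CMDS})([[:space:]({]|\$))"

# scan_rc FILE
# Prints "FILE:LINE:TEXT" for every suspicious definition.
# Exit status: 0 = findings, 1 = clean, 2 = file not readable.
scan_rc() {
    [ -r "$1" ] || return 2
    grep -HnE -e "$ALIAS_RE" -e "$FUNC_RE" -- "$1"
}

# write_sample_rc FILE: constructed sample input with harmless payloads.
write_sample_rc() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from a real system
alias ll='ls -l'
alias su='echo "su was aliased"'
export EDITOR=vi; alias "sudo=echo hijacked"
function gksu { echo "shadowed by a function"; }
ksu() { echo "shadowed by a function"; }
alias summary='du -sh'
# sudo is mentioned here only in a comment
EOF
}

# Demo run on the constructed sample: reports lines 3, 4, 5 and 6.
sample=$(mktemp)
write_sample_rc "$sample"
scan_rc "$sample"
rm -f "$sample"
```

To check real files, call `scan_rc ~/.bashrc` and `scan_rc ~/.bash_profile`; a commented-out alias line is also reported, so findings need a manual look.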