[TechRadar] Linux and MacOS PCs hit by serious Sudo vulnerability. - Page 2 - Overclock.net - An Overclocking Community
Forum Jump: 

[TechRadar] Linux and MacOS PCs hit by serious Sudo vulnerability.

Reply
 
Thread Tools
post #11 of 19 (permalink) Old 02-05-2020, 10:23 AM - Thread Starter
New to Overclock.net
 
Join Date: Feb 2020
Location: OKC
Posts: 18
Rep: 3 (Unique: 3)
Quote: Originally Posted by Mrzev View Post
Its funny how buffer overflows are the bane of passwords it seems. I remember windows had an issue where if you typed in a password padded with a TON of spaces at the end, it would let you through.
I think it's a deal where people don't expect someone to try and put in a password over 1000 characters in. But then again how many people would expect and administrator account to be implemented with a default password on almost every installation?

Too often it's just as easy to pull out a thumb drive or live cd and just go in and change passwords anyway. But if it's something that can be an issue through remote access then it's a real problem.
NightShade00013 is offline  
Sponsored Links
Advertisement
 
post #12 of 19 (permalink) Old 02-05-2020, 06:07 PM
Retired Staff
 
Transhour's Avatar
 
Join Date: Apr 2008
Posts: 4,520
Rep: 368 (Unique: 230)
Quote: Originally Posted by NightShade00013 View Post
I think it's a deal where people don't expect someone to try and put in a password over 1000 characters in. But then again how many people would expect and administrator account to be implemented with a default password on almost every installation?

Too often it's just as easy to pull out a thumb drive or live cd and just go in and change passwords anyway. But if it's something that can be an issue through remote access then it's a real problem.
i think the bigger concern here would be remote access with ssh, instead of having physical access to the machine.

I follow the Sociopath less travelled.
Linux going mainstream, Great, now I gotta use BSD.

Customize a Ubuntu Kernel



Transhour is offline  
post #13 of 19 (permalink) Old 02-07-2020, 12:20 AM
New to Overclock.net
 
Atlantida's Avatar
 
Join Date: May 2011
Location: Regina, SK
Posts: 171
Rep: 9 (Unique: 9)
Quote: Originally Posted by Diffident View Post
I'm the opposite. Being a Gentoo user, I've always used su, it seems to be Gentoo's preferred method. I didn't even know sudo existed till I started seeing Ubuntu guides popping up with everyone using sudo.
I always wanted to try Gentoo, though finally feeling at home with Arch, I find I'm too lazy to learn anything new. Respect to Gentoo users... I'm sure it's not the most convenient of distro's.

Atlantida is offline  
Sponsored Links
Advertisement
 
post #14 of 19 (permalink) Old 02-07-2020, 04:27 AM
Tetrapyloctomist
 
Aenra's Avatar
 
Join Date: Feb 2017
Posts: 1,675
Rep: 44 (Unique: 27)
Quote: Originally Posted by Atlantida View Post
at home with Arch
Best choice to make honestly; it's the root, it's as open as you can have it, it's a rolling release. What more might one ask?

(which is also why it baffles me, how so many people opt for other distros; i mean barring the type of person that goes out of their way to over-complicate things or paint themselves in a "bleeding edge" [yes, it annoys me, lol] type of image.. why.. ease of use perhaps? But if one wanted ease of use, would one really opt for Linux in the first place? Rhetorical anyway)

Pride, honour and purity.
Aenra is offline  
post #15 of 19 (permalink) Old 02-07-2020, 04:32 PM
BOINC Cruncher
 
Diffident's Avatar
 
Join Date: Apr 2014
Location: Bawlmer, MD
Posts: 1,664
Rep: 102 (Unique: 69)
Quote: Originally Posted by Atlantida View Post
I always wanted to try Gentoo, though finally feeling at home with Arch, I find I'm too lazy to learn anything new. Respect to Gentoo users... I'm sure it's not the most convenient of distro's.

Gentoo's not hard. The only thing that gives people trouble is compiling the kernel, other than that it's easier to install than Arch, when not using an Arch install script. The Gentoo Handbook is a lot nicer and easier to follow than Arch's Installation guide. I was playing around with Arch for like the 100th time last week. I'm always drawn in by something I want that's in the AUR, then something irritates me about Arch and I boot Gentoo back up. It's a never ending cycle I started back in 2004 when I first used Gentoo and Arch.

Team Boinc! - Forum Folding War Team
Gentoo Linux - Telemetry Free Since 1999!
Washington Capitals 2018 Stanley Cup Champions
Boinc Desktop
(15 items)
CrunchAholic
(10 items)
NAS
(7 items)
CPU
AMD Ryzen 7 1700X
Motherboard
ASRock X370 Taichi
GPU
AMD Radeon VII
RAM
HyperX Predator
Hard Drive
Samsung 970 EVOPlus
Power Supply
EVGA 850 G2
Cooling
Watercool Heatkiller IV PRO AM4 CPU Block
Cooling
EKWB Coolstream XE 240 Radiator
Cooling
EKWB Coolstream PE 360 Radiator
Cooling
Watercool Heatkiller 150mm Tube Res
Case
Thermaltake View 31 Tempered Glass RGB Edition
Operating System
Gentoo Linux
Monitor
Alienware AW3418DW
Keyboard
Coolermaster Masterkeys Pro S
Mouse
Roccat Kone EMP
CPU
Intel Xeon E5-2670
CPU
Intel Xeon E5-2670
Motherboard
Asrock Rack EP2C602
GPU
EVGA 1070ti FTW
GPU
EVGA 1070ti FTW
RAM
64 GBs Samsung M939B1K70CHD-CH9 PC3-10600R
Hard Drive
Samsung HD322HJ
Power Supply
Corsair AX1200
Case
Rosewill RSV-L4000
Operating System
Gentoo Linux
CPU
i3-4130T
Motherboard
GIGABYTE GA-H97N-WIFI
RAM
CORSAIR CMX16GX3M2A1600C11
Hard Drive
Western Digital Red 10 TB x3
Hard Drive
Western Digital Red 8 TB
Case
Fractal Design Node 804
Operating System
Gentoo Linux
▲ hide details ▲


Diffident is offline  
post #16 of 19 (permalink) Old 02-07-2020, 04:51 PM
sudo apt install sl
 
Join Date: Dec 2009
Posts: 6,354
Rep: 188 (Unique: 130)
Quote: Originally Posted by Aenra View Post
Best choice to make honestly; it's the root, it's as open as you can have it, it's a rolling release. What more might one ask? [IMG class=inlineimg]/forum/images/smilies/smile.gif[/IMG]

(which is also why it baffles me, how so many people opt for other distros; i mean barring the type of person that goes out of their way to over-complicate things or paint themselves in a "bleeding edge" [yes, it annoys me, lol] type of image.. why.. ease of use perhaps? But if one wanted ease of use, would one really opt for Linux in the first place? Rhetorical anyway)
I switched to linux because of ease of use. I was sick of installing drivers. It literally takes 5 minutes to install/setup an admin account on any bleeding edge distro. While Windows takes 5 minutes to install 2-3 to setup an account and 10-20 minutes to manually install drivers.

Everything I need is available on Flatpak and Clear Linux's package manager. Solus Linux has third party apps and some gaming tweaks already setup to jump right into using Lutris.(I prefer these two distros since they have Intel optimizations even AMD benefits from)

Silent
(20 items)
CPU
Core i9 9900K... CoffeeTime! @ 5.1Ghz w/ 1.36v
Motherboard
Maximus VIII Formula
GPU
Titan RTX @ 2100Mhz/2075Mhz
RAM
TeamGroup Xtreem 32GB 3200Mhz CL15
Hard Drive
HP EX950 2TB
Hard Drive
Samsung 850 Evo 1TB
Hard Drive
Samsung 850 Evo 1TB
Power Supply
EVGA SuperNova 1200w P2
Cooling
EK Supremacy Full Copper Clean
Cooling
XSPC D5 Photon v2
Cooling
Black Ice Gen 2 GTX360 x2
Cooling
EK-Vector Radeon VII - Copper + Plexi
Case
Thermaltake Core X5 Tempered Glass Edition
Operating System
Clear Linux
Monitor
Acer XF270HUA
Keyboard
Cherry MX Board 6.0
Mouse
Logitech G600
Mouse
Alugraphics GamerArt
Audio
Definitive Technology Incline
Audio
SMSL M8A
▲ hide details ▲
WannaBeOCer is offline  
post #17 of 19 (permalink) Old 03-23-2020, 04:36 PM
New to Overclock.net
 
PhotonFanatic's Avatar
 
Join Date: Dec 2009
Posts: 1,975
Rep: 23 (Unique: 22)
Quote: Originally Posted by Mrzev View Post
Its funny how buffer overflows are the bane of passwords it seems. I remember windows had an issue where if you typed in a password padded with a TON of spaces at the end, it would let you through.
It's funny how something like this would just totally break security. I'd consider security to be totally broken if they've got an admin password. The buffer overflowed, so by god here's the keys to the kingdom. Seems like the thing to do.

"Executing execution.exe"
Bang for the buck
(12 items)
CPU
3570k @ 4.6Ghz @1.35v
Motherboard
Gigabyte Z77x UD3H
GPU
evga GTX 970 SSC
RAM
16Gb Gskill Ripjaws 2133Mhz @ 9-11-10-28
Hard Drive
Samsung Evo 850
Power Supply
Silverstone 900 watt
Cooling
Thermalright Ultra 120 Extreme
Case
Silverstone Raven (1st edition)
Operating System
Windows 10 Spy Delux
Monitor
Xstar 27" PLS 1440p
Keyboard
Wireless ergonomic
Mouse
Logisys Wireless trackball
▲ hide details ▲
PhotonFanatic is offline  
post #18 of 19 (permalink) Old 03-28-2020, 01:18 PM
Panzerjäger Tiger Ausf. B
 
jagdtigger's Avatar
 
Join Date: Aug 2014
Location: Hungary, Győr
Posts: 797
Rep: 47 (Unique: 29)
Quote: Originally Posted by Transhour View Post
i think the bigger concern here would be remote access with ssh, instead of having physical access to the machine.
Only if you are a jackass and exposed ssh to the internet with password auth enabled...

Dark Repulser
(21 items)
CPU
Intel I5 4670K
Motherboard
MSI Z87-G55 (MS-7821)
GPU
Sapphire R9 290X
RAM
2xCORSAIR 8GB Vengeance DDR3 1600MHz CL9 CML8GX3M1A1600C9
Hard Drive
Samsung SSD 850 Pro
Power Supply
XFX Pro 650W Modular Edition
Cooling
2x Laing DDC-Pumpe 12V DDC-1Plus with aquacover dual ddc top
Cooling
Aquacomputer aquaero 6 XT
Cooling
2x alphacool nexxxos xt45 360
Cooling
Koolance VID-AR290X Water Block
Cooling
Aquacomputer cuplex kryos PRO
Cooling
Phobya reservoir
Case
Fractal Design Define S
Operating System
Windows 7 HP
Operating System
Kubuntu
Monitor
LG IPS277L
Monitor
LG W2486L
Monitor
LG 27MU67-B
Keyboard
SpeedLink DarkSky black
Mouse
Logitech M705
Audio
Integrated devices
▲ hide details ▲
jagdtigger is offline  
post #19 of 19 (permalink) Old 03-28-2020, 01:27 PM
Overclocker in training
 
ThrashZone's Avatar
 
Join Date: Apr 2017
Location: Texas
Posts: 10,377
Rep: 150 (Unique: 92)
Hi,
Most windows users cringe just having to get past UAC popup windows to simply click okay.

These people would never use linus with sudo/ sudo su/ or just su because all require a password entry after.

Just shows a linux super user account is just a standard user account in windows.

CPU
i9-9940x With Optimus Foundation copper-plexi and Heatkiller VRM Plexi-Copper water block
Motherboard
ASUS x299 Rampage VI Apex
GPU
Titan Xp with copper Water Block
RAM
Trident Z 3600C16 4x8gb's b-die default timings 16-16-16-36
Hard Drive
Samsung 970 Evo Plus 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Optical Drive
LG Blu-Ray WH16NS40
Power Supply
evga 1200-P2
Cooling
2-280GTX Black Ice Nemesis rads with D5 pump-res combo and D5 top before and after rads.
Case
corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 pro & 10 pro Win-7 Primary os.
Monitor
ASUS VG248QE 24" 144Hz
Keyboard
Logitech G910 Orion spectrum
Mouse
Redragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Other
5.0/https://valid.x86.fr/ez2ifr
CPU
i7-5930k with Heatkiller IV Pro Plexi-Copper and koolance vrm water blocks
Motherboard
X99 Sabertooth
GPU
EVGA 1080ti FTW3 with Water block
RAM
Trident-Z 3200C14 4x8gb's b-die default timings 14-14-14-34
Hard Drive
Samsung 970 Evo 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Power Supply
EVGA 1000-P2
Cooling
2-240 GTX Black Ice Nemesis rads/ D5 pump-res combo and D5 top before and after rads.
Case
Corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 and 10 pro Win-7 Primary os.
Monitor
AOC G2460PG 24"G-Sync 144Hz
Mouse
Red Dragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Hard Drive
eLeaf MELO-3 4ml
Power Supply
SE US18650VTC6 3120mAh 30A 3.6V 18650 Li-ion Battery - GREENx4
Case
ANGIS Legion MOD 200w Geek Vape
Operating System
VapeWild RazzleBerry 50-50-0mg nic
▲ hide details ▲
ThrashZone is online now  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off