SoylentNews is people
SoylentNews
Ten-Year Old Sudo Vulnerability Gives Root Privileges on Host:
A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports.
Designed to allow users to run programs with the security privileges of another user (by default superuser, hence the name, which is derived from 'superuser do'), Sudo is present in major Unix- and Linux-based operating systems out there.
Tracked as CVE-2021-3156, the recently identified vulnerability, which Qualys refers to as "Baron Samedit," was introduced in July 2011, and can be exploited to gain root privileges using a default Sudo configuration.
This means that an attacker able to compromise a low-privileged account on the machine could abuse the vulnerability to gain root access.
All legacy versions of Sudo, from 1.8.2 to 1.8.31p2, as well as the utility's stable releases from 1.9.0 to 1.9.5p1 are affected, in their default configuration.
[...] Qualys, which provides an in-depth technical analysis of the vulnerability, has published a proof-of-concept video to demonstrate how the issue can be exploited.
Also at Bleeping Computer.
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
(Score: 4, Insightful) by engblom on Thursday January 28 2021, @07:55AM (27 children)
I have said it many times, we need to put all effort we can on getting away from C. If one does not consider Rust to be mature enough, then put effort into making Rust a viable solution or any other safer language of choice. It is frustrating me that so little effort is put into getting rid of C. We have had this problem with insecure programs and even operating systems made in C for so long time.
Die hard C fans will flame me for this and claim how good they are at writing C. Yes, you can use all kind of safety techniques and libraries but as there are still some not using those techniques and libraries we will have to live with insecure programs. And honestly, even the most smart C coders do mistakes. By moving away from C you get rid of big classes of bugs. And yes, you can still make bugs in Rust or any other safer language, that is no question, but there are fewer classes of bugs you will see and most other languages will cause the program to crash when a bug is made rather than continuing in an unsafe way.
A few decades ago, when I also was a C fan I read Unix Haters Handbook for a gag, but now I do see they had a point when it comes to C. It is a horrible language.
(Score: 1, Funny) by Anonymous Coward on Thursday January 28 2021, @08:32AM (12 children)
C++
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @08:36AM (11 children)
Plus plus? Sounds like marketing speak.
(Score: 1, Touché) by Anonymous Coward on Thursday January 28 2021, @08:42AM (10 children)
Double plus good. You can use OO for moar safety in ur code.
(Score: 5, Insightful) by pvanhoof on Thursday January 28 2021, @09:06AM (9 children)
Looked at the code. If the person who wrote it would have used std::string [cplusplus.com] he wouldn't have made the mistake. But having to use a C++ compiler or even linking with libstd++ is considered evil in the silly ideological minds of some C people.
It's why they make stupid insecure code all the time: ideology.
(Score: 3, Insightful) by darkfeline on Thursday January 28 2021, @11:08AM (3 children)
If C++ wasn't such a ginormous frankenstein, maybe most of the programmers using it wouldn't be making "basic" mistakes.
A lot of people against C++, like Torvalds, are against C++ programmers.
If the spec doesn't fit on a few dozen pages, it's not fit for production since no average user can be assumed to use it correctly.
Join the SDF Public Access UNIX System today!
(Score: 4, Informative) by pvanhoof on Thursday January 28 2021, @11:24AM
Linus doesn't like C++ for kernel development [github.com]. Subsurface [wikipedia.org], however, he and Dirk Honhdel ported from C based Gtk+ to C++ based Qt [wikipedia.org].
Contrary to most C developers, Linus isn't ideological but a pragmatic software developer. Also Linus is definitely not ideological about following himself (the whole 'because Linus does something, it must be good'-concept is absurdly moronic and precisely the kind of stupid ideology that I meant in my earlier comment).
(Score: 4, Insightful) by unauthorized on Thursday January 28 2021, @09:40PM (1 child)
That's like saying an airplane is not fit for operation if you can't fit the technical specifications of all of it's components in a few dozen pages. Most of the C++ spec is meant for compiler developers, it's not aimed at regular developers.
(Score: 0) by Anonymous Coward on Friday January 29 2021, @01:58AM
Those who believe language specs are not for them, are doomed to learn otherwise the hard way.
(Score: 2) by engblom on Thursday January 28 2021, @11:57AM (4 children)
This is one of my points in the OP of this thread. There will always be C/C++ fans defending their programming language by telling that wrong technique or wrong library was used, but the reality is that as long as the compiler allows everything, then there will be people making the system insecure.
Thus I stand by my view that I wish C would die out and that real effort would be put into replacing C and C++.
(Score: 3, Informative) by pvanhoof on Thursday January 28 2021, @12:09PM (3 children)
That real effort is called C++11 [wikipedia.org], C++14 [wikipedia.org] and C++17 [wikipedia.org].
The C++ standards committee have adopted a gradual path towards a better C++.
This isn't and easy hype or sell like "just do Rust" - whatevers. That doesn't work with a huge existing code base to continue supporting. Many of the new things in C++ are all about replacing old crap with much better techniques.
In the field I do indeed see improvement in the overall code quality.
I do know that there are people who want less features and less specification and whatnot. But they should indeed probably use C or just plain assembler. Plain assembler is the most easy programming language you can think of. Also Brainfuck [wikipedia.org] is quite nice having just eight points of specification. This entire specification fits on a 3M Post-IT note. Therefor it is the best programming language. Because its specification is super small. And that is good. Always good. Never bad. /sarcasm.
(Score: 3, Insightful) by HiThere on Thursday January 28 2021, @02:51PM (2 children)
Whether C++ is good or not depends on what you're doing. If you need bytes aligned in a struct (say for binary I/O) you need to go outside the specs to write the program. I think that there are always ways to specify alignment, but they aren't standard.
It's also got the problem that it's insanely poorly documented. Not that it isn't documented exactly or completely, but that the documentation is poor. Python, Java, C, and several others have much better documentation. Even Ada is better. (With assembler you need to specify which assembler for which CPU, but some of them have better documentation...though usually less complete.) I've got 10 different C++ books, and sometimes I need to search through all of them, and also do a few web searches, to figure out how to use some part of C++. And occasionally the answer is "there is no standard way, but if you use this compiler, then you can use this approach".
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by unauthorized on Thursday January 28 2021, @09:51PM
There is a core language standard if cumbersome way to align data by manually packing and unpacking it into a byte buffer using bitwise operators to extract individual bytes from multibyte sequences. The actual "standard" way is to use Boost.
(Score: -1, Flamebait) by Anonymous Coward on Saturday January 30 2021, @03:03AM
Maybe you're just to stupid to understand a real language. Stick with your toy languages. They are easier. Oh, and only fucktard MORONS say "assembler." It's "assembly language." Assembler is a tool. What, do you call C, "compiler"?
(Score: 1, Insightful) by Anonymous Coward on Thursday January 28 2021, @11:09AM (6 children)
I disagree, the exploitability of bugs like these are inherent to how computers work — it’s not specifically a problem with C. When you use a language like Go or Rust you are simply offloading this responsibility to someone else (the developers of that language).
(Score: 2) by engblom on Thursday January 28 2021, @12:04PM (3 children)
Of course a compiler will translate everything to "insecure" machine language, but those writing compilers are in general better programmers than Random Joe who just learned to program in C/C++ begun contributing to open source projects that I end up using. The fewer that have to touch C/C++ the better. My point is that there will always be bad programmers using C/C++ and even good programmers do occasionally a mistake. If we can reduce the places where these kind of bugs are, then we are better off.
(Score: 2) by HiThere on Thursday January 28 2021, @02:59PM (2 children)
C++ certainly has its problems, but Rust isn't that great a solution. Perhaps it depends on what you're doing.
For my taste the best programming language I ever encountered was version 1 of the D language shortly before those folk who like Java's style of I/O got their mitts into it. Version 2 is not nearly as good. (Others seem to like version 2 much better.)
Part of my problem is that there doesn't seem to be any language that really supports immutable message passing between threads that doesn't require everything to be immutable...which is a really bad idea for many purposes. Erlang is close, but mutating local data is a real PITA. (Basically you need to stick everything that needs to mutate into a hash table or database. Ugh.)
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by engblom on Thursday January 28 2021, @04:30PM (1 child)
My whole point in the OP of this thread was that we should put all effort to find a good solution. This problem with C/C++ is nothing new. We have had C for almost a half century and these problems with security been known for many decennials. It is an unforgivable situation that we still have not solved this. As I said earlier, if Rust is not good enough then efforts need to be put in making it good or then efforts needs to be put towards creating a better language that is still compatible with C, so you can replace part of the code without having to rewrite everything from scratch. Even Rust is several decennials too late as we have had this problem for so long time.
Why do big companies create programming language after programming language without caring about this? If we could sue MS, Apple, Google etc for shipping these kind of security problems in their OS I bet they would create a language that solves these problem. But now as they are not accountable for their products they do not care enough.
(Score: 2) by hendrikboom on Friday January 29 2021, @08:57PM
There are alternatives to Rust.
Consider Scheme. Specifically, the Gambit [umontreal.ca] implementation [umontreal.ca] of Scheme.
Its compiler generates C code from Scheme source, and explicitly permits you to specify what C code is to be generated for any new functions you define in your program should you wish to.
Compatible with C? Yes. You can even use it as a scripting language for existing C code if you desire. And it can be efficiently compiled all the way to machine code if you have a C compiler on hand.
(and it can also generate C++ if you need that)
Now I grant that this is a completely different kind of language from Rust, and is not likely to appeal to a lot of Rust programmers.
But it's clear that the space of potential C-compatible safe programming languages is vast and has hardly been explored.
(Score: 5, Insightful) by Grishnakh on Thursday January 28 2021, @05:43PM (1 child)
When you use a language like Go or Rust you are simply offloading this responsibility to someone else (the developers of that language).
Yes, and that's a good thing. The people writing compilers are generally much better programmers than the average programmers using those languages, and when the language devs fix a bug, suddenly that whole class of problem or vulnerability is eliminated for *all* programs compiled with that compiler, instead of countless average programmers having to go check their code manually.
(Score: 2, Insightful) by Anonymous Coward on Friday January 29 2021, @01:46AM
https://gcc.gnu.org/bugzilla/ [gnu.org]
Look here prior to fantasizing.
Note that some bugs in there stay unfixed for a decade or more.
Also note that people who modify sudo of all things, are *supposed* to be even more qualified, and more careful, than those who hack at compilers. Observe the fat lot of good it has done.
The ONLY way for such vulnerabilities not to crop up, is for people to STOP MONKEYING WITH THINGS THAT WORK and STOP PILING UP COMPLEXITY FOR THE SAKE OF IT.
Behold the commit that caused all this:
https://github.com/sudo-project/sudo/commit/8255ed69 [github.com]
" Go back to escaping the command args for "sudo -i" and "sudo -s"
before calling the plugin. Otherwise, spaces in the command args
are not treated properly. The sudoers plugin will unescape non-spaces
to make matching easier."
Plugins. In sudo. Need anything more be said?
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @07:31PM (2 children)
i agree. eventually companies will start requiring a mem safe lang be used and all these curmudgeons will regret their stance. I have very little desire to learn c and C++, even though i only program for web and linux. I thought i wanted to learn C but when i started reading The C Programming Language i couldn't believe how tedious it was. The book also assumed you knew acronyms and shit. Very aggravating. C++ looks like a clusterffuck version of C. Fuck all that noise. I want to use something like nim. Easy, clean syntax, type and mem safety, at bare metal performance. This is not 1970, ffs.
(Score: 1, Touché) by Anonymous Coward on Friday January 29 2021, @01:54AM (1 child)
And when all those old curmudgeons who had that desire, do die away, no one will come save you apes when your toy world falls to pieces around you. If you cannot maintain your civilization, you do not deserve one.
(Score: 0) by Anonymous Coward on Friday January 29 2021, @07:46PM
it's not my fault c is a crusty old turd. you c lovers who wrote all this vulnerable ass software need to be the ones to port it. why is your vulnerable shit my responsibility?
(Score: 2) by epitaxial on Thursday January 28 2021, @07:42PM
The OpenBSD people don't have much of a problem with it.
(Score: 0) by Anonymous Coward on Friday January 29 2021, @07:22AM
C is probably the best programming language that EVER existed; AND is still widely used today. It should be and it has it's place. Security this, security that, yablabblahblahblah. Maybe if we didn't stick computers up our asses and build a society that would crumble within a month of a huge solar event; we'd be all right. Most of the zero-days in software are introduced intentionally by state actors anyway. One hand sets 'em up, the other knocks 'em down.
Scalpels are sharp and dangerous; therefore only robots should wield them. Eh...
We probably all just like the programming language we know best. In the end, each one is a tool. Some of them are powerful. Some of them are niche. Some of them are cliche. Some of the are a joke. Some of them are cute. Some of them are fun. Some of them are extremely useful. Etc.. etc.. etc..
(Score: 2) by leon_the_cat on Friday January 29 2021, @09:06PM
You talk out your ass. C is a language to create a language you can extend it and do whatever you want.
(Score: 0) by Anonymous Coward on Saturday January 30 2021, @02:58AM
Oh great, now we're going to hear from all the kiddies too stupid to understand real languages like C and C++. You know underneath your toy languages is C or C++, right fucktard?