I once did a HackTheBox where the privilege escalation weakness was a cronjob running a script. I’m not sure if I correctly remember all the details, but I think it read some parameters from a file and fed them to some other script. Since it had something to do with the webserver the user was administrating, they needed write access to the file, granted via ACL. That took me a while to spot, actually. Not sure why, but ACL is a constant blind spot for me. As for passing the parameters, you can just append the contents of the file to the command and pipe it to bash.
I don’t recall what the normal script did, but it needed writing permissions for something. The proper way to do this would be ACL, but I guess I’m not the only one with a blind spot. The easy way to ensure the script can do whatever it needs to is to
sudothe whole thing.So what do you do if you have a script running every ten minutes, reading the first line of a file you can edit, then executing it with superuser privileges?
Whatever the fuck you want.
You mean we shouldn’t have a ‘while true; eval $file’ job running as root??? Goddammit, someone help me fix my remote admin script!!!
Sudo !!
👌👌👌 perfection
Sudo -iIMO the “year of the Linux desktop” will come when distros are designed for people who shouldn’t even be allowed to use sudo.
Let me introduce you to atomic distros.
I moved my father on Bluefin 1.5 years ago from his antique MacBook Air. He doesn’t know
sudoexists. He has never heard ofujust. He doesn’t even command line. He hasn’t had to do a single update because it all happens in the background. He just… uses it.doesn’t even have to be atomic, I rescued my wife’s shit laptop using Ubuntu Mate (snaps booing in background) and she has never seen the command line unless I open it. It’s been like that for over a year at least.
Yes, but contrary to atomic distros, it’s not explicitely designed to be as administration free as possible.
All you need is a single sudo su, correct.
- Turn on monitor.
- Sudo su
- Copying and pasting terminal commands I find off the Internet
- Living life to the fullest.
alias rm="rm -rf"; alias cd="rm ~/Desktop; cd"; pyhton="shutdown now"People wouldn’t just go on the Internet and lie… would they?
sudo man sudo
How else will the OS know I’m serious ?
“Yes, Do as I say!”
Yeah I only use sudo once, for the su.
I just delete every user but root.
… but why? “sudo -i” is a thing. Why get another program involved?
Some people just want to watch the world burn.
Some people think before they type. They also do not think mindlessly typing “sudo” before every fucking line in bash is a valid substitute for knowing what they do. Many of them have been doing so for decades on HPUX, Solaris, BSDs and IRIX on their own and other people’s/companies machines, not just on their single bedroom machine.
I don’t think many people know about this feature
Personally it’s because my fingers are already on “s” and “u”.
It’s easier to just call su once and run every single command as root rather than having to randomly use sudo for some commands and not for others (/s if it’s not obvious)
But you can do that without involving ‘su’.
I don’t use sudo.
Ever.
It’s disabled by default in slackware, and I don’t know why it’s even there.Tell me how you can run rm rf / no preserve root without su, I’m waiting.
Is this some kind of joke going over my head or something?
Run “sudo -i” then run “rm -rf --no-preserve-root”
Yeah I’m just joking around. I pretty much never use su except in rare cases
But rm -fr / * seems not to work for removing the French language pack. Can someone confirm if it works with sudo?
Ah, I see your problem, you need to add
--no-preserve-root.See the French are super into wine - and grape vines are notoriously hard to get rid of, so if you want to really get rid of the French language pack, you need to rip that grapevine out by the root (e.g. don’t preserve the root). Otherwise, the French language pack will just grow back harder and Frenchier than before.
Sacrebleu!
Mondieu!
How could I have forgotten that?
Works fine with sudo, removes all the French bloat.
I see French bloated my system to the fullest!
Glad you fixed it. Don’t forget to reboot.
Shut the front door!
In a lot of situations it’s actually bad to use sudo because it can impact settings that make programs or file ownership go to root instead of the user.
sudo -i -u user -s /usr/bin/bashmakepkg won’t even run as root iirc
You’ve got to be a damn idiot jumping over his own shadow to get that done. How would you even do that? Running
chown -R root.rootover directories or mount points? Deleting files in /dev or /run and recreating them using “touch” without looking up ownerships before? I wrote “touch” because anyone proceeding to “mknod” would at least have read some man pages. BTW, you’d need su for that rather than sudo.
Just once.
sudo -s
I mean, yeah, it’s your computer. Just login on the root account, nothing bad ever comes of that, not even once, nope.
Oh, you mean better use doas everywhere? Got it.
sudo dnf --help
