Commits
Peter Korsgaard committed fddb760946a
sudo: add upstream security patch for CVE-2017-1000367 CVE-2017-1000367 - Potential overwrite of arbitrary files on Linux On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process's tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include spaces, which sudo does not account for. A user with sudo privileges can cause sudo to use a device number of the user's choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number. If SELinux is enabled on the system and sudo was built with SELinux support, a user with sudo privileges may be able to to overwrite an arbitrary file. This can be escalated to full root access by rewriting a trusted file such as /etc/shadow or even /etc/sudoers. For more details, see: https://www.sudo.ws/alerts/linux_tty.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>