So does this mean sudo -s doesn't work? If not, why the implementation? Why
does an "-s" switch exist if it provides no functionality?
On Thu, Apr 4, 2019, 11:55 AM Seth Arnold <email address hidden>
wrote:
> You should use sudo -i to get a clean root login without your local user
> configuration seeping into the shell.
>
> Thanks
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1823202
>
> Title:
> HOME points to something not owned by user in sudo
>
> Status in sudo package in Ubuntu:
> New
> Status in zsh package in Ubuntu:
> New
>
> Bug description:
> <CcxWrk> You shouldn't use interactive shell, or any program with
> executable configuration, while your HOME points to something not
> owned by your user. That's the big issue and it's with sudo, not zsh,
> not omz, not any other shell or application you launch. <CcxWrk> You
> can go shout "you are doing security wrong" at Ubuntu. Good luck.
>
> ╭─rkm@Khadas ~
> ╰─➤ id rkm && getent passwd rkm
> uid=1001(rkm) gid=1001(rkm)
> groups=1001(rkm),0(root),4(adm),5(tty),6(disk),20(dialout),21(fax),24(cdrom),25(floppy),26(tape),27(sudo),29(audio),30(dip),44(video),46(plugdev),50(staff),60(games),100(users),101(systemd-journal),104(input),108(netdev),112(bluetooth),113(lpadmin),121(pulse-access)
> rkm:x:1001:1001:Ryan McKee,,,,:/home/rkm:/usr/bin/zsh
>
> ╭─rkm@Khadas ~
> ╰─➤ sudo /usr/bin/env
> 1 ↵
> LC_MESSAGES=en_US.UTF-8
> LANG=en_US.UTF-8
> LANGUAGE=en_US.UTF-8
> TERM=xterm-256color
> XAUTHORITY=/home/rkm/.Xauthority
> COLORTERM=truecolor
> DISPLAY=:0.0
>
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
> HOME=/home/rkm
> LC_CTYPE=en_US.UTF-8
>
> LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
> MAIL=/var/mail/root
> LOGNAME=root
> USER=root
> USERNAME=root
> SHELL=/bin/bash
> SUDO_COMMAND=/usr/bin/env
>
>
> SUDO_USER=rkm
> SUDO_UID=1001
> SUDO_GID=1001
> ╭─rkm@Khadas ~
> ╰─➤
>
> <Eickmeyer> CyberManifest: sudo is a package. Also, once filed, add
> zsh to the bug since it could be a bug in zsh's package as well.
>
> <Eickmeyer> Not necessarily zsh itself, but the packaging.
>
> ProblemType: Bug
> DistroRelease: Ubuntu 18.04
> Package: sudo 1.8.21p2-3ubuntu1
> Uname: Linux 4.9.40 aarch64
> ApportVersion: 2.20.9-0ubuntu7.6
> Architecture: arm64
> CurrentDesktop: XFCE
> Date: Thu Apr 4 11:07:42 2019
> SourcePackage: sudo
> UpgradeStatus: No upgrade log present (probably fresh install)
> VisudoCheck:
> /etc/sudoers: parsed OK
> /etc/sudoers.d/README: parsed OK
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1823202/+subscriptions
>
So does this mean sudo -s doesn't work? If not, why the implementation? Why
does an "-s" switch exist if it provides no functionality?
On Thu, Apr 4, 2019, 11:55 AM Seth Arnold <email address hidden>
wrote:
> You should use sudo -i to get a clean root login without your local user /bugs.launchpad .net/bugs/ 1823202 1001(rkm) ,0(root) ,4(adm) ,5(tty) ,6(disk) ,20(dialout) ,21(fax) ,24(cdrom) ,25(floppy) ,26(tape) ,27(sudo) ,29(audio) ,30(dip) ,44(video) ,46(plugdev) ,50(staff) ,60(games) ,100(users) ,101(systemd- journal) ,104(input) ,108(netdev) ,112(bluetooth) ,113(lpadmin) ,121(pulse- access) 1001:Ryan McKee,, ,,:/home/ rkm:/usr/ bin/zsh en_US.UTF- 8 en_US.UTF- 8 /home/rkm/ .Xauthority local/sbin: /usr/local/ bin:/usr/ sbin:/usr/ bin:/sbin: /bin:/snap/ bin en_US.UTF- 8 rs=0:di= 01;34:ln= 01;36:mh= 00:pi=40; 33:so=01; 35:do=01; 35:bd=40; 33;01:cd= 40;33;01: or=40;31; 01:mi=00: su=37;41: sg=30;43: ca=30;41: tw=30;42: ow=34;42: st=37;44: ex=01;32: *.tar=01; 31:*.tgz= 01;31:* .arc=01; 31:*.arj= 01;31:* .taz=01; 31:*.lha= 01;31:* .lz4=01; 31:*.lzh= 01;31:* .lzma=01; 31:*.tlz= 01;31:* .txz=01; 31:*.tzo= 01;31:* .t7z=01; 31:*.zip= 01;31:* .z=01;31: *.Z=01; 31:*.dz= 01;31:* .gz=01; 31:*.lrz= 01;31:* .lz=01; 31:*.lzo= 01;31:* .xz=01; 31:*.zst= 01;31:* .tzst=01; 31:*.bz2= 01;31:* .bz=01; 31:*.tbz= 01;31:* .tbz2=01; 31:*.tz= 01;31:* .deb=01; 31:*.rpm= 01;31:* .jar=01; 31:*.war= 01;31:* .ear=01; 31:*.sar= 01;31:* .rar=01; 31:*.alz= 01;31:* .ace=01; 31:*.zoo= 01;31:* .cpio=01; 31:*.7z= 01;31:* .rz=01; 31:*.cab= 01;31:* .wim=01; 31:*.swm= 01;31:* .dwm=01; 31:*.esd= 01;31:* .jpg=01; 35:*.jpeg= 01;35:* .mjpg=01; 35:*.mjpeg= 01;35:* .gif=01; 35:*.bmp= 01;35:* .pbm=01; 35:*.pgm= 01;35:* .ppm=01; 35:*.tga= 01;35:* .xbm=01; 35:*.xpm= 01;35:* .tif=01; 35:*.tiff= 01;35:* .png=01; 35:*.svg= 01;35:* .svgz=01; 35:*.mng= 01;35:* .pcx=01; 35:*.mov= 01;35:* .mpg=01; 35:*.mpeg= 01;35:* .m2v=01; 35:*.mkv= 01;35:* .webm=01; 35:*.ogm= 01;35:* .mp4=01; 35:*.m4v= 01;35:* .mp4v=01; 35:*.vob= 01;35:* .qt=01; 35:*.nuv= 01;35:* .wmv=01; 35:*.asf= 01;35:* .rm=01; 35:*.rmvb= 01;35:* .flc=01; 35:*.avi= 01;35:* .fli=01; 35:*.flv= 01;35:* .gl=01; 35:*.dl= 01;35:* .xcf=01; 35:*.xwd= 01;35:* .yuv=01; 35:*.cgm= 01;35:* .emf=01; 35:*.ogv= 01;35:* .ogx=01; 35:*.aac= 00;36:* .au=00; 36:*.flac= 00;36:* .m4a=00; 36:*.mid= 00;36:* .midi=00; 36:*.mka= 00;36:* .mp3=00; 36:*.mpc= 00;36:* .ogg=00; 36:*.ra= 00;36:* .wav=00; 36:*.oga= 00;36:* .opus=00; 36:*.spx= 00;36:* .xspf=00; 36: /usr/bin/ env d/README: parsed OK /bugs.launchpad .net/ubuntu/ +source/ sudo/+bug/ 1823202/ +subscriptions
> configuration seeping into the shell.
>
> Thanks
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https:/
>
> Title:
> HOME points to something not owned by user in sudo
>
> Status in sudo package in Ubuntu:
> New
> Status in zsh package in Ubuntu:
> New
>
> Bug description:
> <CcxWrk> You shouldn't use interactive shell, or any program with
> executable configuration, while your HOME points to something not
> owned by your user. That's the big issue and it's with sudo, not zsh,
> not omz, not any other shell or application you launch. <CcxWrk> You
> can go shout "you are doing security wrong" at Ubuntu. Good luck.
>
> ╭─rkm@Khadas ~
> ╰─➤ id rkm && getent passwd rkm
> uid=1001(rkm) gid=1001(rkm)
> groups=
> rkm:x:1001:
>
> ╭─rkm@Khadas ~
> ╰─➤ sudo /usr/bin/env
> 1 ↵
> LC_MESSAGES=
> LANG=en_US.UTF-8
> LANGUAGE=
> TERM=xterm-256color
> XAUTHORITY=
> COLORTERM=truecolor
> DISPLAY=:0.0
>
> PATH=/usr/
> HOME=/home/rkm
> LC_CTYPE=
>
> LS_COLORS=
> MAIL=/var/mail/root
> LOGNAME=root
> USER=root
> USERNAME=root
> SHELL=/bin/bash
> SUDO_COMMAND=
>
>
> SUDO_USER=rkm
> SUDO_UID=1001
> SUDO_GID=1001
> ╭─rkm@Khadas ~
> ╰─➤
>
> <Eickmeyer> CyberManifest: sudo is a package. Also, once filed, add
> zsh to the bug since it could be a bug in zsh's package as well.
>
> <Eickmeyer> Not necessarily zsh itself, but the packaging.
>
> ProblemType: Bug
> DistroRelease: Ubuntu 18.04
> Package: sudo 1.8.21p2-3ubuntu1
> Uname: Linux 4.9.40 aarch64
> ApportVersion: 2.20.9-0ubuntu7.6
> Architecture: arm64
> CurrentDesktop: XFCE
> Date: Thu Apr 4 11:07:42 2019
> SourcePackage: sudo
> UpgradeStatus: No upgrade log present (probably fresh install)
> VisudoCheck:
> /etc/sudoers: parsed OK
> /etc/sudoers.
>
> To manage notifications about this bug go to:
> https:/
>