zsudo makes it anyone can have remote access

Bug #996222 reported by Joseph Mills on 2012-05-07
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Zpanel cp X
Undecided
Joseph Mills

Bug Description

If you look at how zsudo is running from the source files
since the zsudo does echo %s...so [s]he/scumbag can reboot the server, change password etc etc...

Joseph Mills (josephjamesmills) wrote :
Joseph Mills (josephjamesmills) wrote :

Remove the program all together and looking for new way to implant features that where lost

visibility: private → public
Changed in zpanelcp:
status: Confirmed → Fix Committed
Changed in zpanelcp:
status: Fix Committed → Fix Released
status: Fix Released → Fix Committed
Changed in zpanelcp:
importance: Critical → Wishlist
importance: Wishlist → Undecided
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers