The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root) /bin/less /var/log/* The article is split into the following five chapters: PART 1: Command Execution PART 2: Insecure Functionality PART 3: Permissions PART 4: Wildcards PART 5: Recapitulation Another pitfall […]