SECURITYUbuntu fixes bugs that standard users can use to...

Ubuntu fixes bugs that standard users can use to become root


Ubuntu fixes bugs that standard users can use to become root

Kevin Backhouse, a GitHub researcher, needed only a few commands to show that ordinary users would become administrators with full access to the system.

Ubuntu developers have fixed a number of vulnerabilities that have made it easier for standard users to obtain root privileges.

“This blog post is about a surprisingly straightforward way to increase privileges on Ubuntu,” wrote Kevin Backhouse, a GitHub researcher, in a post published last Tuesday. “With a few simple commands on the terminal and a few clicks of the mouse, a standard user can create an administrator account for himself.”

The first series of commands triggered a denial of service bug in a daemon called accounts service, which, as its name suggests, is used to manage user accounts on the computer.

To do this, Backhouse created a Symlink that linked a file named .pam_environment to / dev / zero, changed the regional language setting, and sent a SIGSTOP to the account service.

With the help of a few extra commands, Backhouse was able to set a timer that gave him enough time to log out of the account before the account service crashed. When done correctly, Ubuntu would restart and open a window that allowed the user to create a new account that, you guessed it, had root privileges.

Video shows the creation of Admin account

Ubuntu fixes bugs that standard users can use to become root

Backhouse said that Ubuntu uses a modified version of the account service that contains code that is not included in the original version. The extra code looks for the .pam_environment file in the home directory. When making the file a symbolic link to / dev / zero, .pam_environment is stuck in an infinite loop.

The second bug involved in the hack resided in the GNOME display manager, which among other things manages user sessions and the login screen. The display manager, which is usually abbreviated as gdm3, also triggers the initial configuration of the operating system when it detects that no user currently exists.

“How does gdm3 check how many users are on the system?” Backhouse asked rhetorically. “You probably already guessed it: asking the daemon accounts! So what happens if the account daemon doesn’t respond? The relevant code is here.”

The vulnerabilities could only be triggered when someone had physical access and a valid account on a vulnerable machine. It only worked on desktop versions of Ubuntu.

The solution

Open-source operating system maintainers fixed the bugs last week. Backhouse, who said he found the vulnerabilities by accident, has much more technical details in the blog post linked above.

More in NUpgrade

I am a web developer, and digital marketer I love programming, and technologies, always looking for new technologies and new challenges.

Latest Articls

ASUS Zenbook 14 UX435 Notebook Review: Two screens, top battery, and very beautiful

ASUS Zenbook 14 UX435 Notebook Review, highlighting two screens and a long-lasting battery, is it worth paying more than $1100?

What changes in the new iMac 2021?

It's not just more colors and a slimmer design, there's been a huge leap in performance. Check out everything that has improved in the new iMac 2021 over the past generation.

How to recover deleted or corrupted files 2021 (Windows and Android)

How to recover deleted or corrupted files 2021 (Windows and Android)Accidentally deleting a file or having corrupted media is...

The best free antivirus for Windows in 2021

Having an antivirus on your computer is a way to keep yourself protected from the major viruses and malware on the Internet. Check out the best free antivirus for Windows!

A new version of Instagram for children under 13 ?!

Instagram for children under 13 ?!Facebook plans to introduce a new version of Instagram soon. The version will only be...

Microsoft officially announces the acquisition of ZeniMax Media, Bethesda’s parent company

Microsoft's acquisition of ZeniMax Media is officially announced on Tuesday (09). Check out what each company said about it.

Must Popular

Tik Tok: This is how the “Freeze Frame” effect is done

During the quarantine many have seen how the videos with "Freeze Frame" effect have...

Best off-road GPS apps for android and ios IOS in 2021

Best off-road GPS apps for android and ios iPhone in 2021, best off tail map apps for all platforms and devices phone, iPad, Tablets, laptops…

Minimum requirements to run Minecraft on PC in 2020

See the minimum and recommended requirements to run Minecraft in 2020 Minecraft on your computer; The most successful game among the new galley.

how to connect ps4 controller to pc: super easy ways

Table Of ContentsHow to use the PS4 DualShock controller in SteamHow to connect the...

What is a USB Type-B cable and what is it for?

What is a USB Type-B cable and what is it for?If you are looking...

You might also likeRELATED
Recommended to you