Users login

Create an account »


Users login

Home » Security Advisories» FreeBSD » Sudo port enables local privilege escalation

Sudo port enables local privilege escalation

The sudo port, versions prior to sudo-, contains a vulnerability that may allow a local user to obtain superuser privileges.

  • Vendor: FreeBSD
  • Vendor ID: SA-02:06
  • Date: January 16, 2002


FreeBSD-SA-02:06 Security Advisory
FreeBSD, Inc.

Topic: sudo port may enable local privilege escalation

Category: ports
Module: sudo
Announced: 2002-01-16
Credits: Sebastian Krahmer
Affects: Ports collection prior to the correction date
Corrected: 2002-01-15 02:56:33 UTC
FreeBSD only: NO

I. Background

Sudo is a program designed to allow a sysadmin to give limited root
privileges to users and log root activity.

II. Problem Description

The sudo port, versions prior to sudo-, contains a
vulnerability that may allow a local user to obtain superuser

If a user who has not been authorized by the system administrator
(listed in the `sudoers' file) attempts to use sudo, sudo will send an
email alert. When it does so, it invokes the system mailer with
superuser privileges, and with most of the user's environment intact.

The sudo port is not installed by default, nor is it "part of
FreeBSD" as such: it is part of the FreeBSD ports collection, which
contains over 6000 third-party applications in a ready-to-install
format. The ports collection shipped with FreeBSD 4.4 contains this
problem since it was discovered after the release.

FreeBSD makes no claim about the security of these third-party
applications, although an effort is underway to provide a security
audit of the most security-critical ports.

III. Impact

If the system mailer's behavior can be influenced by the settings of
environmental variables, then an attacker may obtain superuser
privileges. There is at least one mailer (postfix) that can be
influenced in this fashion.

IV. Workaround

1) Deinstall the sudo port/package if you have it installed.

V. Solution

1) Upgrade your entire ports collection and rebuild the port.

2) Deinstall the old package and install a new package dated after the
correction date, obtained from the following directories:


Packages are not automatically generated for the alpha architecture at
this time due to lack of build resources.

NOTE: It may be several days before updated packages are available.

3) Download a new port skeleton for the sudo port from:

and use it to rebuild the port.

4) Use the portcheckout utility to automate option (3) above. The
portcheckout port is available in /usr/ports/devel/portcheckout or the
package can be obtained from:

VI. Correction details

The following list contains the revision numbers of each file that was
corrected in the FreeBSD ports collection.

Path Revision
- -------------------------------------------------------------------------
ports/security/sudo/Makefile 1.43
ports/security/sudo/distinfo 1.26
- -------------------------------------------------------------------------
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »