You want to look at /etc/sudoers.d/0pwfeedback. Change its contents to:
Default !pwfeedback
or just remove the file until sudo gets patched.
Posts by Blasio Muscat
5 publicly visible posts • joined 24 Jul 2007
Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback
Kernel.org Linux repository rooted in hack attack
Tuesday 13th September 2011 21:43 GMT
Normally you'd pull in commits on the branches you're interested in when you need them, rather than pulling in all branches in a cron job. Still, if you did have such an automated process and someone messed with the source repository the pull would fail.
An attacker could however add commits at the tip of any branch and those would get through.
Pope praises Galileo, celebrates the Solstice
Astronauts chuck fridge off space station
Tuesday 24th July 2007 17:14 GMT
Re: Probability
Actually there's a probability of 1 in 5000 that it will hit anyone at all. The probability that it hits you if it does hit someone would be 1/6.6billion assuming a uniform distribution, but since it's in orbit around the earth, the probability is much higher under the orbit, and tapers out to zero the farther out you move. Quite frankly I've no idea what the actual distribution ends up being. I'd guess Guassian with a really tight sigma.
Biting the hand that feeds IT
