By design security issues with Linux default limited accounts (Ubuntu's sudo is not secure)
Jul 18, 2009, 15:05
[ Thanks to Mihai Varzaru for this link. ]
"1. The problem
In Ubuntu gksu and sudo can be hijacked by an attacker who already
has access to the current non-administrative account. In order to
do that you can simply create a bin directory in your home folder,
add that directory to PATH and create in it the scripts: gksu and
sudo. The scripts would silently run any application the attacker
wants with root privileges and start the application you wanted to
start in the first place so that you won't notice a thing.
"So, after the attacker application (got on a website with a
Firefox bug for example) gets access to your limited account all it
has to do in order to get root access is the above and wait for you
to run something with administrative rights (like synaptic from the
menu; at some point even the updater which runs automatically was
calling gksu with a relative path)."
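
A defensive check for the shadowing described in the excerpt, as an added example that is not part of the original article: it reports when `sudo` or `gksu` resolves first to a directory outside an allow-list. The names `TRUSTED_DIRS`, `first_hit_dir` and `check_shadowed` and the allow-list contents are assumptions made here.

```shell
#!/bin/sh
# Added example: warn when a privileged helper resolves outside trusted dirs.
# TRUSTED_DIRS is an assumed allow-list; adjust it for your distribution.
TRUSTED_DIRS="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Print the first directory in PATH string $2 that holds an executable
# file named $1. An empty PATH entry means the current directory.
first_hit_dir() {
    cmd=$1
    rest="$2:"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        rest=${rest#*:}
        if [ -z "$dir" ]; then
            dir=.
        fi
        if [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
            printf '%s\n' "$dir"
            return 0
        fi
    done
    return 1
}

# Return 1 and print a warning if $1 resolves first to a directory that is
# not in the allow-list $3 (default: TRUSTED_DIRS). Return 0 otherwise.
check_shadowed() {
    hit=$(first_hit_dir "$1" "$2") || return 0   # not found: nothing to report
    case ":${3:-$TRUSTED_DIRS}:" in
        *":$hit:"*) return 0 ;;
    esac
    printf 'WARNING: %s resolves to %s/%s, outside trusted directories\n' \
        "$1" "$hit" "$1"
    return 1
}

# Check the two helpers named in the excerpt against the current PATH.
for c in sudo gksu; do
    check_shadowed "$c" "$PATH" || true
done
```

Relative and empty PATH entries never match the allow-list, so they are always reported when they win the lookup.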