Tare da kunna zaɓin pwfeedback a cikin saitunan sudo, mai kai hari na iya haifar da buffer ambaliya kuma ya haɓaka gatansu akan tsarin.
Wannan zaɓi yana ba da damar nunin gani na haruffan kalmar sirri da aka shigar azaman alamar *. A yawancin rarrabawa ana kashe shi ta tsohuwa. Duk da haka, in Linux Mint и Ƙaddamarwa OS an haɗa shi cikin /etc/sudoers.
Don yin amfani da rauni ga maharin Ba dole ba ne kasance cikin jerin masu amfani da aka ba su damar gudanar da sudo.
Rashin lahani yana nan a ciki sudo iri daga 1.7.1 a kan 1.8.30. Sigar rauni 1.8.26-1.8.30 da farko ana tambaya, amma a halin yanzu an san tabbas cewa su ma suna da rauni.
CVE-2019-18634 - ya ƙunshi bayanan da suka gabata.
An daidaita raunin a cikin sigar 1.8.31. Idan ba zai yiwu a ɗaukaka ba, zaku iya kashe wannan zaɓi a /etc/sudoers:
Defaults !pwfeedback
source: linux.org.ru