• 0x4E4F@sh.itjust.worksOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    3 months ago

    Sorry (again 😂, this happens quite a lot with you, lol), it’s early in the morning here, didn’t have my coffee yet.

    If the question is can privileges be escalate later on while a command or a script is executing, the answer is yes. You can also deescalate them once the root creds stuff is done executing. You just have to make it clear in the script or the command that “you do this with root creds, but then you continue with user creds”.

    The point I was trying to make with my previous comment was that, if a process (command, script, whatever) is ran with root privileges, every program, command, script it invokes later on is ran with root privileges, unless it’s specifically noted to run this or that part with some other privileges.

    • Kairos@lemmy.today
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      3 months ago

      That also does not answer my question. I must’ve said it wrong.

      I was wondering “if I run a single command with sudo, and the timeout to when I would have to enter my password again for another sudo is aay 5 minutes, and I run another command without sudo within those five minutes inside that same shell, would that command be able to maliciously elevate itself using sudo?”

      • 0x4E4F@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        If by maliciously you mean a virus might take advantage of the system in those 5 minute, the answer is, yes, it is possible… not likely, but possible.

        If the question was, can the shell by itself escalate a command that does not have sudo in front of the command, the answer is no. If it did that, than there are some serious bugs in the code… or some malicious code planted in it. By definition, it’s not supposed to do what you don’t tell it to do.