Уязвимость в sudo




What's more interesting is that this flaw can be exploited by an attacker to run commands as root just by specifying the user ID "-1" or «4294967295.»
That's because the function which converts user id into its username incorrectly treats -1, or its unsigned equivalent 4294967295, as 0, which is always the user ID of root user.

Перемещено leave из talks