sudo: wheel NOPASSWD false positive

Question

blshkv opened this issue 4 years ago · 1 comments

Hello, I have sudo with permissive line:
%wheel ALL=(ALL) NOPASSWD: ALL

traitor reports false positive on all vulnerable test cases, and even pops a shell. But it can't exploit anything if the line is removed.

Answer 1 · 2022-03-11T20:29:35.000Z

Could make sense to test from a non administrator account not belonging to the wheel group.