10

On a colleague's computer, every time I use a sudo command, I get this error:

    sudo: must be setuid root

I tried various things mentioned on the internet, like changing the permissions to 4755 from a live CD, but even this command from a live CD

    sudo chmod 4755 /media/device/usr/bin/sudo

gives the same error.

EDIT: The colleague told me that he executed this command, god knows why :/

    sudo chmod -R 777 /

or sudo chmod -R 777. He isn't exactly sure.

karthick87
  • 81,947
theTuxRacer
  • 16,185

4 Answers

14
  • Reboot the computer, choose the recovery console and type the following commands:

    chown root:root /usr/bin/sudo

    chmod 4755 /usr/bin/sudo

  • Reboot the machine.

  • Also have a look at this link for fixing broken sudo.

karthick87
  • 81,947
11

After executing sudo chmod -R 777 / I'd recommend urgently reinstalling the whole system from scratch. The command opens too many security holes, as any and every file on the system became readable (and writable!) by any user - including /etc/shadow, /etc/hosts, and even /usr/bin/sudo and /bin/ls themselves! Your system may look like a colander - every minute of using it means catastrophic risk and losses, especially when connected to the Internet. And fixing the permissions of just sudo won't do anything at all.

Consider also this question.

ulidtko
  • 5,782
2

It is so much harder to restore all permissions on the file system to the out-of-the-box install state that it is more secure and faster to reformat the partitions and reinstall the system than to try to undo a

    sudo chmod -R 777 /

command. A system with 777 (rwxrwxrwx) permissions is just hopelessly broken. Any malware that attacks a security hole allowing execution of arbitrary code via the browser can modify root-owned scripts and executables, while setuid programs like sudo won't work if they are checking the executable's permissions ...

In other words, on a system with world-writable 777 permissions the browser cache is treated the same way the kernel image is. Simply nonsense.

In fact, sudo is checking its own permissions and they should be 4755 (rwsr-xr-x), but your friend had reset permissions to 0777 (rwxrwxrwx), which prevents sudo from running as it runs some security checks prior to starting your designated command.

But, anyway, sudo is pointless as you have already given world-executable permissions to any program on the computer, including possible malware in browser cache!

Format and reinstall is the safest way as your entire drive should be quarantined.

gmt42
  • 381
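
The two conditions the answers turn on (sudo must be root-owned with mode 4755, and a recursive chmod 777 leaves system files world-writable) can be checked without changing anything. The script below is an added example, not part of any answer; the function names, the `--audit` switch and the list of directories audited are assumptions.

```shell
#!/bin/sh
# Added example: read-only audit of what a recursive chmod 777 leaves behind.
# Function names are hypothetical; nothing here changes any permission.

# Succeeds only if $1 is a regular file with mode exactly 4755 owned by
# uid $2 (default 0 = root), the state sudo expects of its own binary.
is_setuid_4755() {
    path=$1
    owner=${2:-0}
    [ -n "$(find "$path" -maxdepth 0 -type f -perm 4755 -user "$owner" 2>/dev/null)" ]
}

# Prints every regular file under $1 that any user may write to (o+w).
# -H follows a symlinked start directory (e.g. /bin -> usr/bin);
# -xdev keeps the walk on one filesystem.
list_world_writable() {
    find -H "$1" -xdev -type f -perm -0002 2>/dev/null
}

# Counts the files printed by list_world_writable for directory $1.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# One verdict line for sudo and one per system directory.
# A healthy install is expected to report 0 for each directory.
audit_system() {
    if is_setuid_4755 /usr/bin/sudo; then
        echo "sudo: root-owned, mode 4755"
    else
        echo "sudo: NOT root-owned setuid 4755 (expect 'must be setuid root')"
    fi
    for d in /etc /usr /bin /sbin /boot; do
        [ -d "$d" ] && echo "$d: $(count_world_writable "$d") world-writable files"
    done
    return 0
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then
    audit_system
fi
```

Run it with `--audit` from the recovery console or against a mounted disk's directories; large counts in /etc or /usr indicate the blanket chmod rather than a sudo-only problem.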
0

Once you fix the permissions on sudo, then use sudo along with the same method to recursively fix the permissions (same -R parameter used to screw up the whole system in the first place, only on both the chown AND chmod commands) on /etc, /boot, /sbin, /bin, /dev, /proc, /sys, and /usr. That should mitigate the security issues at least to the point where the system is usable.

Then again, a full reinstall would be easier should an attacker obtain control of your system (which they will if you're connected to the Internet at all while these permissions are being fixed), since it would be very difficult to take that control back otherwise.

muru
  • 197,895
  • "(which they will..." How would such a thing happen if I'm behind a firewall? Are you exaggerating the problem or is it truly very easy to just grab control of a chmod 777'd system? – Him Jun 12 '17 at 19:49