Follow

Root access on Linux systems - make sure you are patched...
github.blog/2021-06-10-privile

Lots of geekery in this post but it describes a bug introduced about seven years ago in "polkit". Things like interrupting that process 8 milliseconds after starting it can help you get root access on MANY Linux distributions (list provided).

It has a list of SOME vulnerable distributions - what I don't see is the list where it is fixed.

@mhjohnson lmfao thank god i didnt install that polkit trash on my systems in the first place
@mhjohnson
>polkit asks dbus-daemon for the UID of the requesting process multiple times, on different codepaths.

holy shit
Sign in to participate in the conversation
No Agenda Social

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!