| Walt Mankowski on 15 Mar 2018 13:35:47 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] text editor priv escalation |
This is why I use ed(1), the standard text editor. On Thu, Mar 15, 2018 at 09:53:32AM -0400, jeff wrote: > https://www.securityweek.com/hackers-can-abuse-text-editors-privilege-escalation > > For an attack to work, the attacker needs to somehow hijack a legitimate > user account that has regular privileges, which can be achieved through > phishing, social engineering and other methods. In the case of a malicious > insider, the vulnerability found by SafeBreach can be useful for executing > code with elevated privileges if their permissions have been restricted by > the system administrator to certain files and commands. > > > > Remember: vim has been outlawed under the Geneva Convention as torture. > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
Attachment:
signature.asc
Description: PGP signature
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug