| Walt Mankowski on 15 Mar 2018 13:48:33 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] text editor priv escalation |
On Thu, Mar 15, 2018 at 04:44:39PM -0400, brent timothy saner wrote: > On 03/15/2018 04:35 PM, Walt Mankowski wrote: > > This is why I use ed(1), the standard text editor. > > > > On Thu, Mar 15, 2018 at 09:53:32AM -0400, jeff wrote: > >> https://www.securityweek.com/hackers-can-abuse-text-editors-privilege-escalation > >> > >> For an attack to work, the attacker needs to somehow hijack a legitimate > >> user account that has regular privileges, which can be achieved through > >> phishing, social engineering and other methods. In the case of a malicious > >> insider, the vulnerability found by SafeBreach can be useful for executing > >> code with elevated privileges if their permissions have been restricted by > >> the system administrator to certain files and commands. > >> > > > obligatory: > https://xkcd.com/378/ > https://xkcd.com/1341/ > https://xkcd.com/1823/ Also obligatory: https://www.gnu.org/fun/jokes/ed-msg.html
Attachment:
signature.asc
Description: PGP signature
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug